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Abstract. This paper shows equivalence of several versions of applicative similarity and 
contextual approximation, and hence also of applicative bisimilarity and contextual equiv¬ 
alence, in LR, the deterministic call-by-need lambda calculus with letrec extended by data 
constructors, case-expressions and Haskell’s seq-operator. LR models an untyped version 
of the core language of Haskell. The use of bisimilarities simplifies equivalence proofs in 
calculi and opens a way for more convenient correctness proofs for program transforma¬ 
tions. 

The proof is by a fully abstract and surjective transfer into a call-by-name calculus, 
which is an extension of Abramsky’s lazy lambda calculus. In the latter calculus equiva¬ 
lence of our similarities and contextual approximation can be shown by Howe’s method. 
Similarity is transferred back to LR on the basis of an inductively defined similarity. 

The translation from the call-by-need letrec calculus into the extended call-by-name 
lambda calculus is the composition of two translations. The first translation replaces the 
call-by-need strategy by a call-by-name strategy and its correctness is shown by exploiting 
infinite trees which emerge by unfolding the letrec expressions. The second translation 
encodes letrec-expressions by using multi-fixpoint combinators and its correctness is shown 
syntactically by comparing reductions of both calculi. 

A further result of this paper is an isomorphism between the mentioned calculi, which 
is also an identity on letrec-free expressions. 
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gram semantics; Logic; [Software and its engineering]: Software notations and tools—Formal language 
definitions—Semantics. 
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1. Introduction 

Motivation. Non-strict functional programming languages, such as the core-language of 
Haskell |Pey03| , can be modeled using extended call-by-need lambda calculi. 

The operational semantics of such a programming language defines how programs are 
evaluated and how the value of a program is obtained. Based on the operational semantics, 
the notion of contextual equivalence (see e.g. |Mor68l lPlo75] l is a natural notion of program 
equivalence which follows Leibniz’s law to identify the indiscernibles, that is two programs 
are equal iff their observable (termination) behavior is indistinguishable even if the pro¬ 
grams are used as a subprogram of any other program (i.e. if the programs are plugged into 
any arbitrary eontext). For pure functional programs it suffices to observe whether or not 
the evaluation of a program terminates with a value (i.e. whether the program eonverges). 
Contextual equivalence has several advantages: Any reasonable notion of program equiv¬ 
alence should be a congruence which distinguishes obvious different values, e.g. different 
constants are distinguished, and functions (abstractions) are distinguished from constants. 
Contextual equivalence satisfies these requirements and is usually the coarsest of such con¬ 
gruences. Another (general) advantage is that once expressions, contexts, an evaluation, 
and a set of values are defined in a calculus, its definition of contextual equivalence can be 
derived, and thus this approach can be used for a broad class of program calculi. 

On the other hand, due to the quantification over all program contexts, verifying equiv¬ 
alence of two programs w.r.t. contextual equivalence is often a difficult task. Nevertheless 
such proofs are required to ensure the correetness of program transformations where the 
correctness notion means that contextual equivalence is preserved by the transformation. 
Correctness of program transformations is indispensable for the correctness of compilers, 
but program transformations also play an important role in several other fields, e.g. in 
code refactoring to improve the design of programs, or in software verification to simplify 
expressions and thus to provide proofs or tests. 

Bisimulation is another notion of program equivalence which was first invented in the 
field of process calculi {e.g. [MilSOl [Mil99l ISWOl] !. but has also been applied to functional 
programming and several extended lambda calculi {e.g. |How89l IAbr90l lHow96] i. Finding 
adequate notions of bisimilarity is still an active research topic (see e.g. |KW06[ [SKSll| i. 
Briefly explained, bisimilarity equates two programs si,S 2 if all experiments passed for si 
are also passed by S 2 and vice versa. For applicative similarity (and also bisimilarity) the 
experiments are evaluation and then recursively testing the obtained values: Abstractions 
are applied to all possible arguments, data objects are decomposed and the components are 
tested recursively. Applicative similarity is usually defined co-inductively, i.e. as a greatest 
fixpoint of an operator. Applicative similarity allows convenient and automatable proofs of 
correctness of program transformations, e.g. in mechanizing proofs [DBG97) . 

Abramsky and Ong showed that applicative bisimilarity is the same as contextual equiv¬ 
alence in a specific simple lazy lambda calculus [Abr9nl [A093| . and Howe |How891 lHow96] 
proved that in classes of lambda-calculi applicative bisimulation is the same as contextual 
equivalence. This leads to the expectation that some form of applicative bisimilarity may 
be used for calculi with Haskell’s cyclic letrec. However, Howe’s proof technique appears 
to be not adaptable to lambda calculi with cyclic let, since there are several deviations 
from the requirements for the applicability of Howe’s framework, (i) Howe’s technique is 
for call-by-name calculi and it is not obvious how to adapt it to call-by-need evaluation, (ii) 
Howe’s technique requires that the values (results of reduction) are recognizable by their 
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top operator. This does not apply to calculi with letrec, since letrec-expressions may be 
values as well as non-values, (hi) Call-by-need calculi with letrec usually require reduction 
rules to shift and join letrec-bindings. These modihcations of the syntactic structure of 
expressions do not fit well into the proof structure of Howe’s method. 

Nevertheless, Howe’s method is also applicable to calculi with non-recursive let even in 
the presence of nondeterminism [MSSIO] . where for the nondeterministic case applicative 
bisimilarity is only sound (but not complete) w.r.t. contextual equivalence. However, in 
the case of (cyclic) letrec and nondeterminism applicative bisimilarity is unsound w.r.t. 
contextual equivalence [SSSMll] . This raises a question: which call-by-need calculi with 
letrec permit applicative bisimilarity as a tool for proving contextual equality? 

Our Contribution. In [SSSMIO] we have already shown that for the minimal extension 
of Abramsky’s lazy lambda calculus with letrec which implements sharing and explicit re¬ 
cursion, the equivalence of contextual equivalence and applicative bisimilarity indeed holds. 
However, the full (untyped) core language of Haskell has data constructors, case-expressions 
and the seq-operator for strict evaluation. Moreover, in [SSMS13] it is shown that the ex¬ 
tension of Abramsky’s lazy lambda calculus with case, constructors, and seq is not con¬ 
servative, i.e. it does not preserve contextual equivalence of expressions. Thus our results 
obtained in [SSSMlDj for the lazy lambda calculus extended by letrec only are not transfer¬ 
able to the language extended by case, constructors, and seq. For this reason we provide 
a new proof for the untyped core language of Haskell. 

As a model of Haskell’s core language we use the call-by-need lambda calculus Llr 
which was introduced and motivated in [SSSSOSj . The calculus Lm extends the lazy lambda 
calculus with letrec-expressions, data constructors, case-expressions for deconstructing the 
data, and Haskell’s seq-operator for strict evaluation. 

We dehne the operational semantics of Lm in terms of a small-step reduction, which 
we call normal order reduction. As it is usual for lazy functional programming languages, 
evaluation of L^^j-expressions successfully halts if a weak head normal form is obtained, 
i.e. normal order reduction does not reduce inside the body of abstractions nor inside 
the arguments of constructor applications. The Lm calculus has been studied in detail in 
[SSSS08| and correctness of several important program transformations has been established 
for it. 

Our main result in this paper is that several variants of applicative bisimilarities are 
sound and complete for contextual equivalence in Llr, i.e. coincide with contextual equiv¬ 
alence. Like context lemmas, an applicative bisimilarity can be used as a proof tool for 
showing contextual equivalence of expressions and for proving correctness of program trans¬ 
formations in the calculus Llr. Since we have completeness of our applicative bisimilarities 
in addition to soundness, our results can also be used to disprove contextual equivalence of 
expressions in Lrr. Additionally, our result shows that the untyped applicative bisimilarity 
is sound for a polymorphic variant of Lrr, and hence for the typed core language of Haskell. 

Having the proof tool of applicative bisimilarity in Lrr is also very helpful for more 
complex calculi if their pure core can be conservatively embedded in the full calculus. An 
example is our work on Concurrent Haskell [SSSlH ISSS12] , where our calculus CHF that 
models Concurrent Haskell has top-level processes with embedded lazy functional evaluation. 
We have shown in the calculus CHF that Haskell’s deterministic core language can be 
conservatively embedded in the calculus CHF. 
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Figure 1: Overall structure. Solid lines are fully-abstract translations, which are also iso¬ 
morphisms and identities on letrec-free expressions; dotted lines are convergence 
preservation to/from the system Ltree of inhnite trees. 


We prove the equivalence between the applicative similarities and contextual equiva¬ 
lence in by lifting the equivalence from a letrec-free call-by-name calculus Li^c- The 
calculus Lice minimally extends Abramsky’s lazy calculus by Haskell’s primitives. As shown 
in [SSMS13] . data constructors and seq are explicitly needed in Li^c- The structure of the 
proof, with its intermediate steps, is shown in Figured) We prove the equivalence between 
the applicative similarities and contextual equivalence in Lice-, by extending Howe’s method. 
We bridge and L/cc in two steps, using intermediate calculi Lname and Lt^ee- Lname is 
the call-by-name variant of Llr, and Lice is obtained from Lname by encoding letrec using 
multi-fixpoint combinators. The calculi Lm and Lname are related to each other via their 
infinite unfoldings, thus we introduce a calculus Ltree of infinite trees (similar infinitary 
rewriting, see [KKSdV^ ISSOT] ). Convergence of expressions in Lm and Lname is shown 
to be equivalent to their translation as an infinite tree in the calculus Ltree (dotted lines 
in the picture). We establish full abstractness of translation N and W between calculi 
Llr, Lname, and Lice with respect to contextual equivalence. Correctness of similarity is 
transferred back from Lice to Llji on the basis of an inductively defined similarity (for more 
details see Fig. 17.211 . 

A consequence of our result is that the three calculi Liji, Lname, and Lice are isomorphic, 
modulo the equivalence (see Corollaries 16.171 and 15.331) . and also that the embedding of the 
calculus Lice into the call-by-need calculus Ll^ is an isomorphism of the respective term 
models. 

Related Work. In [Gor99j Gordon shows that bisimilarity and contextual equivalence 
coincide in an extended call-by-name PCF language. Gordon provides a bisimilarity in 
terms of a labeled transition system. A similar result is obtained in |Pit97j for PCF extended 
by product types and lazy lists where the proof uses Howe’s method f |How89[ IHow96| : 
see also [MSSIO) IPitllj ). and where the operational semantics is a big-step one for an 
extended PCF-language. The observation of convergence in the definition of contextual 
equivalence is restricted to programs (and contexts) of ground type (i.e. of type integer or 
Bool). Therefore H and Xx.Ll are equal in the calculi considered by Gordon and Pitts. This 
does not hold in our setting for two reasons: first, we observe termination for functions 
and thus the empty context already distinguishes H and Xx.Q, and second, our languages 
employ Haskell’s seq-operator which permits to test convergence of any expression and thus 
the context seq [•] True distinguishes H and Xx.Ll. 
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[,Tef94] presents an investigation into the semantics of a lambda-calculus that permits 
cyclic graphs, where a fully abstract denotational semantics is described. However, the 
calculus is different from our calculi in its expressiveness since it permits a parallel conver¬ 
gence test, which is required for the full abstraction property of the denotational model. 
Expressiveness of programming languages was investigated e.g. in |Fel91| and the usage 
of syntactic methods was formulated as a research program there, with non-recursive let 
as the paradigmatic example. Our isomorphism-theorem 17.71 shows that this approach is 
extensible to a cyclic let. 

Related work on calculi with recursive bindings includes the following foundational 
papers. An early paper that proposes cyclic let- bindings ( as graphs) is |AK94| . where 
reduction and confluence properties are discussed. [AFM+9^ IAF97| study equational the¬ 
ory for call-by-need lambda calculus extended with non-recursive let, which is finer than 
contextual equivalence, and in [MOW98] it is shown that call-by-name and call-by-need 
evaluation induce the same observational equivalences for a call-by-need lambda calculus 
with non-recursive let. Additionally, the extension of the corresponding calculi by recur¬ 
sive let is discussed in [AFM'*~9^ IAF97j . and further call-by-need lambda calculi with a 
recursive let are presented in |AB97[ IABn21 INHn9| where |NHn9| study the equivalence 
between a natural semantics and a reductions semantics. In [ABn2j it is shown that there 
exist infinite normal forms and that the calculus satisfies a form of confluence. All these 
calculi correspond to our calculus Llr- A difference is that the let-shifting in the standard 
reduction in the mentioned works is different from Lrr. However, this difference is not sub¬ 
stantial, since it does not infiuence the contextual semantics. A more substantial difference 
is that Lrr combines recursive let with data constructors, case-expressions and seq, which 
none of the related works do. 

In |MS99] a call-by-need calculus is analyzed which is closer to our calculus Llr, since 
letrec, case, and constructors are present (but not seq). Another difference is that |MS99j 
uses an abstract machine semantics as operational semantics, while their approach to pro¬ 
gram equivalence is based on contextual equivalence, as is ours. 

The operational semantics of call-by-need lambda calculi with letrec are investigated 
in |Lau93| and |Ses97] . where the former proposed a natural semantics, and proved it correct 
and adequate with respect to a denotational semantics, and the latter derived an efficient 
abstract machine from the natural semantics. 

Investigations of the semantics of lazy functional programming languages including the 
seq-operator can be found in [JVOGl IVJ07| . 

Outline. In Sect. [2] we introduce some common notions of program calculi, contextual 
equivalence, similarity and also of translations between those calculi. In Sect. [3] we introduce 
the extension Lice of Abramsky’s lazy lambda calculus with case, constructors, and seq, 
and two letrec-calculi Lrr, Lname as further syntactic extensions. In Sect. 0 ] we show 
that for so-called “convergence admissible” calculi an alternative inductive characterization 
of similarity is possible. We then use Howe’s method in Lice to show that contextual 
approximation and a standard version of applicative similarity coincide. Proving that Lice 
is convergence admissible then implies that the alternative inductive characterization of 
similarity can be used for Lice- In Sect. [5] and [6] the translations W and N are introduced 
and the full-abstraction results are obtained. In Sect.[7]we show soundness and completeness 
of our variants of applicative similarity w.r.t. contextual equivalence in Lrr- We conclude 
in Sect. El 
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2. Common Notions and Notations for Calculi 

Before we explain the specific calculi, some common notions are introduced. A calculus 
definition consists of its syntax together with its operational semantics which defines the 
evaluation of programs and the implied equivalence of expressions: 

Definition 2.1. An untyped deterministic calculus D is a four-tuple (E,C,— 7 -,A), where E 
are expressions (up to a-equivalence), C ; E —>■ E is a set of functions (which usually repre¬ 
sents contexts), —)■ is a small-step reduction relation (usually the normal-order reduction), 
which is a partial function on expressions (he., deterministic), and A C E is a set of answers 
of the calculus. 

For C € C and an expression s, the functional application is denoted as ^[s]. For 
contexts, this is the replacement of the hole of C by s. We also assume that the identity 
function Id is contained in C with /d[s] = s for all expressions s, and that C is closed under 
composition, i.e. Ci, 6*2 € C Ci o (72 G C. 

The transitive elosure of —>■ is denoted as ^ and the transitive and reflexive closure 
of ^ is denoted as A-. The notation Ad;, means equality or one reduction, and means 
k reductions. Given an expression s, a sequence s —)■ si ^ Sn is called a reduction 

sequence; it is called an evaluation if Sn is an answer, i.e. Sn G A; in this case we say s 
eonverges and denote this as or as if Sn is not important. If there is no Sn s.t. 

then s diverges, denoted as s'f]'/). When dealing with multiple calculi, we often use 

the calculus name to mark its expressions and relations, e.g. -A denotes a reduction relation 
in D. 

We will have to deal with several calculi and preorders. Throughout this paper we 
will use the symbol ^ for co-inductively defined preorders {i.e. similarities), and < for 
(inductively defined or otherwise defined) contextual preorders. For the corresponding sym- 
metrizations we use ~ for ^ fl ^ and ~ for < PI >. All the symbols are always indexed by 
the corresponding calculus and sometimes more restrictions like specific sets of contexts are 
attached to the indices of the symbols. 

Contextual approximation and equivalence can be defined in a general way: 

Definition 2.2 (Contextual Approximation and Equivalence, <d and Let D = 

(E,C, — 7 >,A) be a calculus and si,S 2 be D-expressions. Contextual approximation (or eon- 
textual preorder) <£) and contextual equivalence are defined as: 

■si Ad S2 iff V(7 G C : (7[si]4,^ => C*[s 2 ]),£) 

■Sl ~D S2 iff Si <D S2 A S 2 <D Si 

A program transformation is a binary relation 77 C (E x E). A program transformation 
rj is called eorrect iff 77 C ~£). 

Note that <d is a precongruence, i.e., <d is reflexive, transitive, and s <d t implies 
C[s] <D C[f\ for all (7 G C, and that is a congruence, i.e. a precongruence and an 
equivalence relation. 

We also define a general notion of similarity coinductively for untyped deterministic 
calculi. We first define the operator Fd^q on binary relations of expressions: 

Definition 2.3. Let D = (E, C, —>■, A) be an untyped deterministic calculus and let Q C C 
be a set of functions on expressions {i.e. \/Q G Q : (5 : E —)■ E). Then the Q-experiment 
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operator Fd,q : —>• is defined as follows for r/ C E x E: 

siFD,Qi'n) S2 iS siijjvi 3v2.{s2-lv2A'^QGQ:Q{vi)r]Q{v2)) 

Lemma 2.4. The operator Fq^q is monotonous w.r.t. set inclusion, i.e. for all binary 
relations rji,rj 2 on expressions r]i C r ]2 => Pd,q{i]i) ^ -^d,q(?? 2 )- 

Proof. Let r]i C r ]2 and si L"d,q(7/i) S 2 . From the assumption si -Fd,q(7/i) S 2 the implication 
{s 2 -Id '^2 A'^Q € Q ■ Q{vi) Vi Q{v 2 )) follows. From r/i C r ]2 the implication 
siivi (s24'D^2 a VQ G Q : Q{vi) r ]2 Q{v 2 )) follows. Thus, si FQ{r] 2 ) S 2 - □ 

Since Fd,q is monotonous, its greatest fixpoint exists: 

Definition 2.5 (Q-Similarity, =4d,q)- The behavioral preorder =4d,q, called Q-similarity, 
is defined as the greatest fixed point of Fjo^q. 

We also provide an inductive definition of behavioral equivalence, which is defined as a 
contextual preorder where the contexts are restricted to the set Q (and the empty context). 

Definition 2.6. Let D = (E,C,^,A) be an untyped deterministic calculus, and Q C C. 
Then the relation <d,q is defined as follows: 

Si <D,Q S 2 iff Vn > 0 : \/Qi € Q : Ql{Q2{. ■ ■ (Qn(si))))i£) Ql{Q2{- ■ ■ (Qn(s2))))4'D 

Note that contextual approximation is a special case of this definition, i.e. <d = <d,c- 
Later in Sect ion [4T] we will provide a sufficient criterion on untyped deterministic calculi 
that ensures that ^d,q and <d,q coincide. 

We are interested in translations between calculi that are faithful w.r.t. the correspond¬ 
ing contextual preorders. 

Definition 2.7 f |SSNSS0^ ISSNSS09] L For i = 1,2 let (Ej, Q, —>- 1 ,A*) be untyped de¬ 
terministic calculi. A translation r : (Ei, Ci, ^i, Ai) —> (E 2 , C 2 , —>- 2 ) A 2 ) is a mapping 
: El —>■ E 2 and a mapping rc : Ci —> C 2 such that Tc{Idi) = /dg. The following 
properties of translations are defined: 

• T is compositional iff r(C'[s]) = 'r(C')[r(s)] for all C,s. 

• T is convergence equivalent iff s^i t(s)4.2 

• T is adequate iff for all G Ei: t(s) <2 T{t) s <1 t. 

• T is fully abstract iff for all s,t G Ei: s <i t t{s) <2 Tft). 

• T is an isomorphism iff it is fully abstract and a bijection on the quotients 

t/~:Ei/~ — E 2 / 

Note that isomorphism means an order-isomorphism between the term-models, where 
the orders are <1 /~ and <2 /~ (which are the relations in the quotient). 

Proposition 2.8 f |SSNSS08lISSNSS09| L Let (Ej,Q, —>■*,Ai) fori = 1,2 be untyped deter¬ 
ministic calculi. If a translation r : (Ei,Ci, —>- 1 , Ai) —>■ (Eg,C 2 , —>- 2 ) Ag) is compositional 
and convergence equivalent, then it is also adequate. 

Proof. Let s, t G Ei with t(s) <2 T{t) and let for some C G C. It is sufficient to show 

that this implies Convergence equivalence shows that t(C'[s])4 -2- Compositionality 

implies 'r(C')[r(s)]4-2, and then t(s) <2 T{t) implies T(C')[r(t)]4-2- Compositionality applied 
once more implies T{C[t])f 2 , and then convergence equivalence finally implies □ 
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3. Three Calculi 

In this section we introduce the calculi Lm, Lname, and Li^c- Llr is a call-by-need calculus 
with recursive let, data constructors, case-expressions, and the seq-operator. The calculus 
Lname ^as the Same syntactic constructs as Tlr, but uses a call-by-name, rather than a call- 
by-need, evaluation. The calculus does not have letrec, and also uses a call-by-name 
evaluation. 

For all three calculi we assume that there is a (common) set of data constructors c 
which is partitioned into types, such that every constructor c belongs to exactly one type. 
We assume that for every type T the set of its corresponding data constructors can be 
enumerated as cr,i, • • •, ct,\t\ where |r| is the number of data constructors of type T. We 
also assume that every constructor has a fixed arity denoted as ar(c) which is a non-negative 
integer. We assume that there is a type Bool among the types, with the data constructors 
False and True both of arity 0. We require that data constructors occur only fully saturated, 
i.e. a constructor c is only allowed to occur together with ar(c) arguments, written as 
(c Si ... Sar(c)) where Sj are expressions of the corresponding calculu^. We also write (c 
as an abbreviation for the constructor application (c si ... Sar(c))- All three calculi allow 
deconstruction via case-expressions: 

Casey S of (ct, 1 Xpi . . . Xi_ar(cT,i) Si) • • • (ct,|T| ■ ■ ■ X\T\,a.r{cT,\T\) '®T|) 

where s, st are expressions and Xij are variables of the corresponding calculus. Thus there is 
a caseT’-construct for every type T and we require that there is exactly one case-alternative 
{cT,i Xi^i ... Xjaj.(cTi) every constructor CT,i of type T. In a case-alternative 

{cT,i ... Xj^ar(cTi) ^all cr,i Xi^i ... Xi^s.r{cT i) ^ pattern and Sj the right hand 

side of the alternative. All variables in a case-pattern must be pairwise distinct. We will 
sometimes abbreviate the case-alternatives by alts if the exact terms of the alternatives are 
not of interest. As a further abbreviation we sometimes write if si then S 2 else S 3 for the 
case-expression {caseBool si of (True —>■ S 2 ) (False —S 3 )). 

We now define the syntax of expressions with letrec, i.e. the set IE£ of expressions 
which are used in both of the calculi Llr and Lname- 

Definition 3.1 (Expressions IE£). The set IE£ of expressions is defined by the following 
grammar, where x, Xi are variables: 

r, s, t, ri, Si, ti € E£ ::= x | (s t) | (Ax.s) | (letrec xi = si,..., x„ = s„ in t) 

I (c Si... Sar(c)) I (^sq s t) \ (casey s of alts) 

We assign the names application, abstraction, seq-expression, or letrec-expression to the 
expressions (s t), (Xx.s), (seq s t), or (letrec xi = si,..., x„ = s,i in t), respectively. 
A value v is defined as an abstraction or a constructor application. A group of letrec 
bindings is sometimes abbreviated as Env. We use the notation {xg(^i-^ = Sh(j)}r=m ^he 

chain = Sh(m), a:g(m+i) = Sh{m+i) Xg(n) = Shin) of bindings where g,h -.N are 

injective, e.g., {xi = Si_i}f^^ means the bindings Xm = Sm-i,Xm+i = Sm,---Xn = Sn-i- 
We assume that variables Xi in letrec-bindings are all distinct, that letrec-expressions 
are identified up to reordering of binding-components, and that, for convenience, there is 
at least one binding, letrec-bindings are recursive, i.e., the scope of Xj in (letrec x\ = 
si,..., Xn-i = Sn-i in Sn) are all expressions s, with 1 < z < n. 

^Partial applications of constructors of the form c si ... Sn (as e.g. available in Haskell) thus have to be 
represented by Aa;„+i ... si ... Sn Xn+i ■ ■ ■ 2 :ar(c)- 
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Cc denotes the set of all contexts for the expressions E/;. 

Free and bound variables in expressions and a-renamings are defined as usual. The set 
of free variables in s is denoted as FV{s). 

Convention 3.2 (Distinct Variable Convention). We use the distinct variable convention, 
i.e., all bound variables in expressions are assumed to he distinet, and free variables are 
distinet from bound variables. All reduetion rules are assumed to implicitly a-rename bound 
variables in the result if necessary. 

In all three calculi we will use the symbol D for the specihc (letrec-free) expression 
{Xz.{z z)) {Xx.{x x)). In all of our calculi D is divergent and the least element of the 
corresponding contextual preorder. This is proven in |SSSS08] for Llji and can easily be 
proven for the other two calculi using standard methods, such as context lemmas. Note 
that this property also follows from the Main Theorem 17.61 for all three calculi. 

3.1. The Call-by-Need Calculus Llj^. We begin with the call-by-need lambda calculus 
Llr which is exactly the call-by-need calculus of [SSSSOSj . It has a rather complex form 
of reduction rules using variable chains. The justihcation is that this formulation permits 
direct syntactic proofs of correctness w.r.t. contextual equivalence for a large class of trans¬ 
formations. Several modifications of the reduction strategy, removing indirections, do not 
change the semantics of the calculus, however, they appear to be not treatable by syntactic 
proof methods using diagrams (see |SSSS08] 1. L^/j-expressions are exactly the expressions 
E£. 

Definition 3.3. The reduction rules for the calculus and language Llr are defined in Fig. [21 
where the labels S, V are used for the exact definition of the normal-order reduction below. 
Several reduction rules are denoted by their name prefix: the union of (llet-in) and (llet-e) 
is called (llet). The union of (llet), (lapp), (lease), and (Iseq) is called (111). 

For the definition of the normal order reduction strategy of the calculus Lrr we use 
the labeling algorithm in Fig. [3] which detects the position where a reduction rule is applied 
according to the normal order. It uses the following labels: S (subterm), T (top term), V 
(visited), and W (visited, but not target). We use V when a rule allows two options for a 
label, e.g. stands for s labeled with S or T. 

A labeling rule I r is applicable to a (labeled) expression s if s matches I with the 
labels given by I, where s may have more labels than I if not otherwise stated. The labeling 
algorithm takes an expression s as its input and exhaustively applies the rules in Fig. |3| 
to s^ , where no other subexpression in s is labeled. The label T is used to prevent the 
labeling algorithm from descending into letrec-environments that are not at the top of the 
expression. The labels V and W mark the visited bindings of a chain of bindings, where 
W is used for variable-to-variable bindings. The labeling algorithm either terminates with 
fail or with success, where in general the direct superterm of the 5-marked subexpression 
indicates a potential normal-order redex. The use of such a labeling algorithm corresponds 
to the search of a redex in term graphs where it is usually called unwinding. 

Definition 3.4 (Normal Order Reduction of Llr)- Let s be an expression. Then a single 

normal order reduction step —> is defined as follows: first the labeling algorithm in Fig. [3| 
is applied to s. If the labeling algorithm terminates successfully, then one of the rules in 
Fig. [2] is applied, if possible, where the labels S, V must match the labels in the expression 
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(Ibeta) C'[((Ax.s)'^ t)] —)■ C'[letrec x = t in s] 

(cp-in) letrec xi = (Xx.s)^, {xi = C'[x^] 

—>■ letrec xi = (Ax.s),{xi = Xi_i}^2)(^[(Ax.s)] 

(cp-e) letrec xi = (Ax.s)'^, {x* = Xj-i}™ 2) Env, y = C[x^] in t 

—>■ letrec xi = (Ax.s), {xj = Xi_i}^2) Env,y = ^[(Ax.s)] in t 

(lapp) (^[((letrec Env in s)^ t)] —)• (^[(letrec Env in (s t))] 

(lease) C'[(case'r (letrec Env in s)^ of a^fs)] 

—>■ (^[(letrec Env in (case^ s of alts))] 

(Iseq) (^[(seq (letrec Env in s)^ f)] —?> (^[(letrec Env in (seq s f))] 

(llet-in) letrec Envi in (letrec Env2 in s)^ letrec Envi, Env2 in s 

(llet-e) letrec Envi,x = (letrec Env2 in s)^ in t letrec Envi, Env2,x = s in 

(seq-c) C[(seq s)] —)• (^[s] if x is a value 

(seq-in) (letrec xi = , {xj = Xi_i}”i2) Env in (^[(seq x)^ s)]) 

—>■ (letrec xi = v, {xj = Xj_i}”i2) Env in (^[s]) 
if X is a constructor application 

(seq-e) (letrec xi = , {xj = Xi_i}”i2) Env, y = (^[(seq x^^ s)] in t) 

—>■ (letrec xi = v, {xj = Xj_i}”i2) Env, y = (^[s] in t) 
if X is a constructor application 

(case-c) C[(caseT (c* l^)'^of ... {{a 1 ^) U )...)] ^[(letrec {yi = ^ in U)] 

if ar(cj) > 1 

(case-c) C[(case'r cf of ... {ci ^ ti )...)] ^ C[ti] if ar(ci) = 0 

(case-in) letrec xi = (cj ~^)^, {xj = Xj_i}™2) Env 
in C'[case'r x}^ of ... ((c* ~^) —t)...] 

^ letrec xi = (c* ^), {yi = Sj})Li, [xi = Xi_i}™2, Env 

in (^[(letrec [zi = in t)] if ar(ci) > 1 and where yi are fresh 


(case-in) letrec xi = cf, {xj = Xj_i}™2) Env in C'[case'r xf) ... (c* - 
—>■ letrec xi = Cj, {x* = Xi_i}™ 2; Env in C[t] if ar(ci) = 0 

(case-e) letrec xi = (cj ~^)^, {x* = Xj_i}™2) 


u = C[case7’ xf) of ... ((cj ~^) —)■ t)...], Env 


in r 


letrec xi = (c* ^), [yi = sjfli , [xi = Xi_i}™2> 
u = (^[(letrec {zi = in t)], Env 


in r 


t) 


if ar(cj) > 1 and where yi are fresh 

(case-e) letrec xi = cf, {x* = Xj_i}™ 2; = ^'[caser xf) ... {ci ^ t) ...], Env in r 
—>■ letrec xi = Cj, {x* = Xi_i }^2 ■ ■ ■ ,u = C[t], Env in r if ar(ci) = 0 


Figure 2: Reduction rules of Llr 
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(letrec Env in s)'^ 


(letrec Env in 


{s t) 5 vr 


tY 


(seq s tf^^ 


(seq tY 


(casGT’ s of alts)^^'^ 


{ca.seT of altsY 


(letrec x = s, Env in C[x‘^]) 


(letrec x = , Env in 


(letrec x = ,y = C'[x‘^], Env in t) 


fail 


(letrec x = C'[x‘^], Env in s) 


fail 


(letrec x = s,y = C[x^], Env in t) 


(letrec x = s'^, y = C[x^], Env 

in t) 



if C[x\ 7^ x 


(letrec x = s,y = x^, Env in t) 


(letrec x = , y = x^, Env in 

t) 


Figure 3: Labeling algorithm for Llr 


s (again s may have more labels). The normal order redex is defined as the left-hand side 

of the applied reduction rule. The notation for a normal-order reduction that applies the 
, . LR,a LRjlapp i /i \ 

rule a is->■, e.g. -applies the rule (lappj. 

The normal order reduction of Llu implements a call-by-need reduction with sharing 
which avoids substitution of arbitrary expressions. We describe the rules: The rule (Ibeta) 
is a sharing variant of classical /3-reduction, where the argument of an abstraction is shared 
by a new letrec-binding instead of substituting the argument in the body of an abstraction. 
The rules (cp-in) and (cp-e) allow to copy abstractions into needed positions. The rules 
(lapp), (lease), and (Iseq) allow moving letrec-expressions to the top of the term if they 
are inside a reduction position of an application, a case-expression, or a seq-expression. To 
flatten nested letrec-expressions, the rules (llet-in) and (llet-e) are added to the reduction. 
Evaluation of seq-expressions is performed by the rules (seq-c), (seq-in), and (seq-e), where 
the first argument of seq must be a value (rule seq-c) or it must be a variable which is bound 
in the outer letrec-environment to a constructor application. Since normal order reduction 
avoids copying constructor applications, the rules (seq-in) and (seq-e) are required. Cor¬ 
respondingly, the evaluation of case-expressions requires several variants: there are again 
three rules for the cases where the argument of case is already a constructor application 
(rule (case-c)) or where the argument is a variable which is bound to a constructor applica¬ 
tion (perhaps by several indirections in the letrec-environment) which are covered by the 
rule (case-in) and (case-e). All three rules have two variants: one variant for the case when a 
constant is scrutinized (and thus no arguments need to be shared by new letrec-bindings) 
and another variant for the case when arguments are present (and thus the arity of the 
scrutinized constructor is strictly greater than 0). For the latter case the arguments of the 
constructor application are shared by new letrec-bindings, such that the newly created 
variables can be used as references in the right hand side of the matching alternative. 

Definition 3.5. A reduction context Rlr is any context, such that its hole is labeled with 
5 or T by the L^ij-labeling algorithm. 

Of course, reduction contexts could also be defined recursively, as in [SSSSOS) Definition 
1.5], but such a definition is very cumbersome due to a large number of special cases. The 
labeling algorithm provides a definition that, in our experience, is easier to work with. 
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(gc) C[letrec {xi = in t] —>■ C[t], if FV(t) fl {xi,..., Xn} = 0 

(gc) Cfletrec {xi = {Vi = i in t] Cfletrec {yi = t*}™ ^ in f], 

if {FV{t) U U™ 1 FV{ti)) n {xi,..., x„} = 0 

(Iwas) ^[(s (letrec Env in t))] —?> (^[letrec Env in (s t)] 

(Iwas) C[{c Si ... (letrec Env in Sj)... s^)] —?> (^[letrec Env in (c si ... s* ... s„,)] 
(Iwas) (^[(seq s (letrec Env in i))] —>■ C[letrec Env in seq s t] 


Figure 4: Transformations for garbage collection and letrec-shifting 


By induction on the term structure one can easily verify that the normal order redex, 
as well as the normal order reduction, is unique. A weak head normal form in Lm (Lm- 
WHNE) is either an abstraction Ax.s, a constructor application (c si ... Sar(ci))j or an 
expression (letrec Env in v) where u is a constructor application or an abstraction, or 
an expression of the form (letrec xi = v, {xj = Xj_i}^ 2 ) Fnv in Xm), where v = (c 
We distinguish abstraction-WHNF (AWHNF) and constructor WHNF (CWHNF) based on 
whether the value v is an abstraction or a constructor application, respectively. The notions 
of convergence, divergence and contextual approximation are as defined in Sect. [2j If there 
is no normal order reduction originating at an expression s then This, in particular, 

means that expressions for which the labeling algorithm fails to find a redex, or for which 
there is no matching constructor for a subexpression (that is a WHNF) in a case redex 
position, or expressions with cyclic dependencies like letrec x = x in x, are diverging. 


Example 3 . 6 . We consider the expression si := letrec x = (y Xu.u),y = Xz.z in x. 
The labeling algorithm applied to si yields (letrec x = {y^ Xu.u)^,y = (Xz.z)^ in x^)^. 

The reduction rule that matches this labeling is the reduction rule (cp-e), i.e. si 
(letrec x = ((Xz'.z') Xu.u),y = (Xz.z) in x) = S 2 . The labeling of S 2 is (letrec x = 

((Xz'.z')^ Xu.u)^,y = (Xz.z) in x^)^, which makes the rule (Ibeta) applicable, i.e. S 2 
(letrec x = (letrec z' = Xu.u in z'),y = (Xz.z) in x) = S 3 . The labeling of S 3 is 
(letrec x = (letrec z' = Xu.u in z')^,y = (Xz.z) in x^)^. Thus an (llet-e)-reduction is 


LR 

applicable to S 3 , i.e. S 3 —)• (letrec x = z',z' = Xu.u,y = (Xz.z) in x) = S 4 . Now S 4 gets 
labeled as (letrec x = z''^,z' = (Xu.u)^,y = (Xz.z) in x^)^, and a (cp-in)-reduction is 

applicable, i.e. S 4 —>■ (letrec x = z',z' = (Xu.u),y = (Xz.z) in (Xu.u)) = S 5 . The labeling 
algorithm applied to S 5 yields (letrec x = z'^z' = (Xu.u),y = (Xz.z) in (Xu.u)^)^, but no 
reduction is applicable to S 5 , since S 5 is a WHNF. 


LR 

Concluding, the calculus Lm is defined by the tuple (E£,C£, — >,Alr) where Arr are 
the Liij-WHNFs, where we equate alpha-equivalent expressions, contexts and answers. 

In [SSSSOSj correctness of several program transformations was shown: 

Theorem 3.7 ( [SSSS08[ Theorems 2.4 and 2.9]). All reduction rules shown in Fig. are 
correct program transformations, even if they are used with an arbitrary context C in the 
rules without requiring the labels. The transformations for garbage collection (gc) and for 
shifting of letrec-expressions (Iwas) shown in Fig. are also correct program transforma¬ 
tions. □ 
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(letrec Env in s)^ 


(letrec Env in s^) if X is 5 or T 

{s f)5vr 


(s^ t) 

(seq s t)^^^ 


(seq s^ t) 

{casex s of alts)^^'^ 


(casej’ s^ of alts) 


Figure 5: Labeling algorithm for Lname 


(beta) C'[(Ax.s)‘^ t] —>■ 

(gcp) C'i[letrec Env, x = s in 6*2 [x‘^^^]] ^ C'i[letrec Env, x = s in 6*2 [s]] 

(lapp) (^[((letrec Env in s)^ t)] —> (^[(letrec Env in (s t))] 

(lease) C'[(case 7 ’ (letrec Env in s)^ of alts)] 

—>■ (^[(letrec Env in (case-r s of alts))] 

(Iseq) (^[(seq (letrec Env in s)^ t)] —>■ (^[(letrec Env in (seq s t))] 

(seq-c) (^[(seq s)] —>■ C[s] if x is a value 

(case) (^[(caseT (c Si . . . Sar{c))^ of . . . ((c Xi . . . Xar{c)) -^t )...)] 

C'[f[si/xi , . . . , S(jr-(c)/®ar(c)]] 


Figure 6: Normal order reduction rules of Lname 

3.2. The Call-by-Name Calculus Lname- Now we define a call-by-name calculus on E/;- 
expressions. The calculus Lname has E£ as expressions, but the reduction rules are different 
from Lir. The calculus Lname does not implement a sharing strategy but instead performs 
the usual call-by-name beta-reduction and copies arbitrary expressions directly into needed 
positions. 

In Fig. [5] the rules of the labeling algorithm for Lname ^.re given. The algorithm uses 
the labels S and T. For an expression s the labeling starts with 

An Lname reduction context Rname is any context where the hole is labeled T or 5 by 
the labeling algorithm, or more formally they can be defined as follows: 

Definition 3.8. Reduction contexts Rname are contexts of the form L[A] where the context 
classes A and C are defined by the following grammar, where s is any expression: 

L £ C ::= [•] I letrec Env in L 
A £ A ::= [•] I (A s) I (casej- A of alts) ] (seq A s) 

Normal order reduction of Lname is defined by the rules shown in Fig. [6] where 

the labeling algorithm according to Fig. [5]must be applied first. Note that the rules (seq-c), 
(lapp), (lease), and (Iseq) are identical to the rules for Llr (in Fig. [2]), but the labeling 
algorithm is different. 

Unlike Lm, the normal order reduction of Lname allows substitution of arbitrary ex¬ 
pressions in (beta), (case), and (gcp) rules. An additional simplification (compared to 
Llr) is that nested letrec-expressions are not flattened by reduction {i.e. there is no 
(llet)-reduction in Lname)- As in Llji the normal order reduction of Lname has reduction 
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rules (lapp), (lease), and (Iseq) to move letrec-expressions out of an application, a seq- 
expression, or a case-expression. 

Note that is unique. An L„ame-WHNF is defined as an expression either of the 

form L[Ax.s] or of the form L[(c si ... S(ir(c))] where L is an £ context. Let ^name be the 

set of Lriame-WHNFs, then the calculus Lname is defined by the tuple (E/;, C/;, Aname) 

(modulo a-equivalence). 

3.3. The Extended Lazy Lambda Calculus Lice- In this subsection we give a short de¬ 
scription of the lazy lambda calculus [AbrQD] extended by data constructors, case-expressions 
and seq-expressions, denoted with Lice- Unlike the calculi Lname and Llr, this calculus 
has no letrec-expressions. The set Ea of L^cc-expressions is that of the usual (untyped) 
lambda calculus extended by data constructors, case, and seq: 

r, s, t, Vi, Si,ti € Ea ::= x | (s t) | (Ax.s) | (c si... Sar(c)) I (case^ s of alts) \ (seq s t) 

Contexts Ca are EA-expressions where a subexpression is replaced by the hole [•]. The 
set Alec of answers (or also values) are the L^cc-abstractions and constructor applications. 
Reduction contexts TZrc are defined by the following grammar, where s is any EA-expression: 

Rice G Rlcc ■= [•] I {Rlcc s) I caser Rice of alts I seq Rice s 

An -^-reduction is defined by the three rules shown in Fig. [TJ and thus the calculus 
Lice is defined by the tuple (Ea,Ca, A^^c) (modulo a-equivalence). 


(nbeta) Ricc[{{Xx.s) t)] Ricc[s[t/x]] 

(ncase) R;cci(caser (c Si . . . Sar(c)) of . . . ((c Xi . . . Xar(c)) -^t )...)] 
t[si/xi ,.. 

■ ? '®ar(c)/^ar(c)] 

(nseq) i?;cc[seq v s] Ricc[s], if v is an abstraction or a constructor application 


Figure 7: Normal order reduction 


Icc 


of Lice 


4. Properties of Similarity and Equivalences in Lice 

An applicative bisimilarity for Lice and other alternative definitions are presented in subsec¬ 
tion [421 As a preparation, we first analyze similarity for deterministic calculi in general. 

4.1. Characterizations of Similarity in Deterministic Calculi. In this section we 
prove that for deterministic calculi (see Def. 12.11) , the applicative similarity and its general¬ 
ization to extended calculi, defined as the greatest fixpoint of an operator on relations, is 
equivalent to the inductive definition using Kleene’s fixpoint theorem. 

This implies that for deterministic calculi employing only beta-reduction, applicative 
similarity can be equivalently defined as s ^ t, iff for all n > 0 and closed expressions r,, i = 
1 ,..., n, the implication (s ri... rn)\rD {t ri... holds, provided the calculus is 

convergence-admissible, which means that for all r: (s r)\,jjv 4=^ : s\,£)V' A {v' r)\.^v 

(see Def. 14. 5p . 
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This approach has a straightforward extension to calculi with other types of reductions, 
such as case- and seq-reductions. The calculi may also consist of a set of open expressions, 
contexts, and answers, as well as a subcalculus consisting of closed expressions, closed 
contexts and closed answers. We will use convergence-admissibility only for closed variants 
of the calculi. 

In the following we assume D = (E,C,^,A) to be an untyped deterministic calculus 
and Q C C be a set of functions on expressions. Note that the relations ^d,q and <d,q 
are defined in Definitions 12.51 and 12.61 respectively. 

Lemma 4.1. For all expressions si,S 2 € E the following holds: si =4d,q S 2 if, and only if 

siijjvi A VQ € Q : Q(ni) Q(f2))- 

Proof. Since ^d,q is a fixpoint of Fd^q, we have ^d,q = -^d,q(^d,q)- This equation is 
equivalent to the claim of the lemma. D 

Now we show that the operator F^^q is lower-continuous, and thus we can apply 
Kleene’s fixpoint theorem to derive an alternative characterization of =4d,q- 

For infinite chains of sets Si,S 2 ..., we define the greatest lower bound w.r.t. set- 

OO 

inclusion ordering as glb(5i, S 2 , ■ ■ ■) = fl 'S'i- 

i=l 

Proposition 4.2. Fq is lower-eontinuous w.r.t. eountahly infinite deseending ehains C = 
^1 D 772 D ..., i.e. glb(FQ(C)) = FQ(glb(C)) where Fq{C) is the infinite descending ehain 
Fq{vi) D FQ{r]2) D .... 

CX> 

Proof. “D”: Since glb(C') = f] r/j, we have for all i\ glb(C') C rg. Applying monotonicity 

i=l 

00 

of Fq yields FQ(glb(C')) C FQ^pi) for all i. This implies FQ(glb(C')) C P| FQ{r]i), i.e. 
FQ{glh{C)) C glb(FQ(C)). 

“C”: Let (si, S 2 ) G glb(F'Q(C)), i.e. for all i: (si, S 2 ) G FQiVi)- Unfolding the definition 
of Fq gives: Vf : si4,£)Ui {s 2 i£)V 2 € Q ■ Q{vi) r]iQ{v 2 )). Now we can move 

the universal quantifier for i inside the formula: si4-£)Ui => ('S24'D^2 A VQ G Q : Vi: 

OO 

Q{vi) rji Q{v 2 )). This is equivalent to ('S24'D^2 A VQ G Q : Q{vi) ( f] rg) Q{v 2 )) 

i=l 

orsilijUi (s24-d^2AVQ G Q: {Q{vi),Q{v 2 )) G glb(C')) and thus (si, S 2 ) G F'Q(glb(C')). 

□ 

Definition 4.3. Let =4D,Q,i for z G No be defined as follows: 

^D,Q,o = E X E and ^D,Q,i = * > 0 

OO 

Theorem 4.4. = fl <D,Q,i 

i=l 

Proof. The claim follows from Kleene’s fixpoint theorem, since Fq is monotonous and lower- 
continuous, and since C ^D,Q,i for all i > 0. □ 

This representation of =4d,q allows inductive proofs to show similarity. Now we show 
that Q-similarity is identical to <d,q under moderate conditions, i.e. our characterization 
result will only apply if the underlying calculus is convergence-admissible w.r.t. Q: 

Definition 4.5. An untyped deterministic calculus (E,C,—>',A) is convergence-admissible 
w.r.t. Q if, and only if MQ G Q, s G E, u G A : Q{s)\.qV : sf^v' A Q{v')\.qV 
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Convergence-admissibility can be seen as a restriction on choosing the set Q\ In most 
calculi (subsets of) reduction contexts satisfy the property for convergence-admissibility, 
while including non-reduction contexts into Q usually breaks convergence-admissibility. 

Lemma 4.6. iyet(E, C,^,A) be convergence-admissible w.r.i. Q. Then the following holds: 

• Si <d,q S 2 => Q(si) <D,Q Q{s 2 ) for all Q & Q 

• Si <_d,Q S2,Si4-D^^1> and S2iDV2 Vi<d,QV2 

Proof. The first part is easy to verify. For the second part it is important that D is deter¬ 
ministic. Let Si <d,q S 2 , and si4,£)Ui, S 2 io ''^2 hold. Assume that Qi{... (<3n(i'i)))4'_D'^i for 
some n > 0 where all Qi G Q. Convergence-admissibility implies Qi{. ■ ■ ((Qn(si))))4'£)r'i. 
Now Si <d,q S 2 implies Qi{... {Qn{s 2 )))iD'>^ 2 - Finally, convergence-admissibility (applied 
multiple times) shows that S24'D^2 and Qi{... (Qn(i^ 2 ))) 4 'D ^2 holds. □ 

We prove that =4d,q respects functions Q € Q provided the underlying deterministic 
calculus is convergence-admissible w.r.t. Q: 

Lemma 4.7. Let (E,C,^,A) be convergence-admissible w.r.t. Q. Then for all si,S 2 G E : 
•si ^D,Q S 2 Q(si) ^D,Q Q{s 2 ) for all Q £ Q 

Proof. Let si ^d,q S 2 , Qo G Q, and (5 o(si)4'_d'^i- Fy convergence admissibility holds 

and Qo('^’i)iD^i- Since si ^d,q S 2 this implies S 2 i£)n 2 and for all Q G Q : Q{vi) ^d,q Q{v 2 )- 
Hence, from Qo{v'i)\.£,vi we derive ( 5 o(^ 2 )iD^ 2 - Convergence admissibility now implies 
Qo{s2)iDV2- 

It remains to show for all Q £ Q: Q{vi) ^d,q Q{v 2 )- Since Qo{v'i)\r£,vi and < 3 o(^^ 2 )' 1 'D^ 2 , 
applying Lemma|lT]to QQ{vf) 4 d,q Qo{v 2 ) implies Q{vi) 4 d,q Q{v 2 ) for all Q £ Q. □ 

We now prove that <d,q and Q-similarity coincide for convergence-admissible deter¬ 
ministic calculi: 

Theorem 4.8. Let (E, C, —;>,A) be convergence-admissible w.r.t. Q. Then <d,q = ^d,q- 

Proof. “C”: Let si <d,q S 2 - We use Theorem 14.41 and show si =4D,Q,i S 2 for all i. We use 
induction on i. The base case {i = 0) obviously holds. Let i > 0 and let si4,£)Ui. Then 
■si <D,Q S 2 implies S 2 iDV 2 . Thus, it is sufficient to show that Q{vi) Q{v 2 ) for all 

(5 G Q: As induction hypothesis we use that si <d,q S 2 si S 2 holds. Using 

Lemma IT 6 l twice and si <d,q S 2 , we have Q{vi) <d,q Q{v 2 )- The induction hypothesis 
shows that Q{vi) Q{v 2 ). Now the definition of ^D,Q,i is satisfied, which shows 

■Sl =4D,Q,i S2. 

“D”: Let si =4d,q S 2 - By induction on the number n of Q-contexts we show Vn, Qi £ Q : 
Qii- ■ ■ {Qn{si)))iD Qi(- ■ ■ (Qn(s2)))4'D- The base case follows from si =4d,q S 2 - For 
the induction step we use the following induction hypothesis: ti ^d,q ^2 Vj < n,Qi £ 
Q : (5i(... (Qj(ti)))|^ Qi{... {Qj{t 2 )))iD ior all ti,t 2 . Let (5i’(... (Qn(si)))iD- From 
Lemma Ml we have ri =4d,q ^ 2 , where r* = Qn{si). Now the induction hypothesis shows 

that Qi(... (Qn-i(n)))iD Qi(... ((5„_i(r2)))|£, and thus Qi(... (Qn('S 2 )))lD- □ 
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— Icc 
^Icc 
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Icc^Qiq, 

<° 

Icc^Qlf-, 


contextual preorder in Icc 
open extension of similarity in Icc 
co-inductively defined candidate rela¬ 
tion for Howe’s technique 
open extension of Q-similarity in Lice 
with Q = Qicc 

open extension of contextual preorder in 
Lice restricted to contexts Qicc 


Figure 8: Structure of soundness and completeness proofs for similarities in Li^c- The =!= 
indicates a required equality which can only be proved via Howe’s technique. 


4.2. Applicative Simulation in Li^c- In this section we will show that applicative simi¬ 
larity and contextual preorder coincide in Lice- 

Notation. In abuse of notation we use higher order abstract syntax as e.g. in [How89] 
for the proof and write r(..) for an expression with top operator r, which may be all possible 
term constructors, like case, application, a constructor, seq, or A, and 9 for an operator 
that may be the head of a value, i.e. a constructor or A. 

Definition 4.9. For a relation rj on closed Ey-expressions r]° is the open extension on Lice- 
For (open) Ey-expressions si,S 2 , the relation si r/° S 2 holds, if for all substitutions a such 
that (t(si), (t(s 2 ) are closed, the relation cr(si) r/ o'(s 2 ) holds. Conversely, for binary relations 
on open expressions, {fj,y is the restriction to closed expressions. 

We say a binary relation jjL is operator-respecting, iE Si fi U for i = 1,... ,n implies 

r(si,...,Sn) fi T(ti,. . . ,tn). 

Note that r and 6 may also represent the binding A using \{x.s) as representing Xx.s. 
For consistency of terminology and treatment with that in other papers such as |How89| . 
we assume that removing the top constructor Ax in relations is done after a renaming. For 
example, Xx.s fi Xy.t is renamed before further treatment to Xz.s[z/x\ fi Xz.t[z/y] for a fresh 
variable c. 

Plan of Subsection 14.21 We start by explaining the subgoals of the soundness and 
completeness proofs for similarities in and its structure, illustrated in Fig. [8l The main 
result we want to show is that contextual preorder <icc and coincide, where =4°cc Qi 

is the open extension of ^icc,Qicci ^icc,Qicc is Q-similarity introduced in Definition 12.51 
instantiated with the subcalculus of Lice which consists of closed expressions, closed contexts, 
and closed answers, and Qicc is a specific set of small closed L/cc-contexts. Q-similarity does 
not allow a direct proof of soundness and completeness for contextual equivalence using 
Howe’s method [How89( IHow96] . since it is not stated in terms of the syntactic form of 
values derived by evaluation. We overcome this obstacle by defining another similarity ^icc 
in Lice for which we will perform the proof of soundness and completeness w.r.t. contextual 
preorder. Since the definition of =4icc does not obviously imply that ^icc is a precongruence, 
a candidate relation ^cand is defined, which is trivially compatible with contexts, but needs 
to be shown to be transitive. After proving ^cand= ^°cc^ that 4°icc is a precongruence, 
soundness of =4°cc w.r.t. contextual preorder <icc follows. Completeness can then also be 
proven. In a second step we prove that is sound and complete for contextual 

equivalence, i.e.<icc = ^IccQicc' showing that Lice is convergence-admissible we are 
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also able to show that the inductive description <icc,Qi^^ of Q-similarity coincides with 

^lcc,Qicc- 

Another obstacle is that the contextual preorder contains the irregularity Xx.Q <icc 
c Si... Sn for any constructor c. This requires an adapted definition of the similarity relation, 
and a slightly modihed proof route. 

In the following let cBot be the set of E;,-expressions s with the property that for all 
E^-substitutions a: if it(s) is closed, then That Xx.s <icc {c si... Sn) indeed holds 

is shown in Proposition 14.321 Now we dehne an applicative similarity =4icc fo -^kc analogous 
to |How89l IHow96] . where this irregularity is taken into account. 

Definition 4.10 (Similarity in T/cc)- Let rj he a binary relation on closed E;,-expressions. 
Let Flee be the following operator on relations on closed E;,-expressions: 
s Fiec{r]) t holds iff 

• s-lieeXx.s' ( theeXx.t' and s' 7]° t', or 

tiieeic ... t'^) and s' € cBot) 

• ®'l'Zcc(c Si • • • s(j) ( t^ieeic t'^... t'^) and the relation r] holds for all i) 

Similarity ^lec is defined as the greatest fixpoint of the operator Fiec- Bisimilarity c:^ice 
is defined as s cr^iec f iff s =4icc t Xt ^ice s. 

Note that the operator Fiee is monotone, hence the greatest fixpoint exists. 

4.2.1. Similarity and Contextual Preorder Coincide in Liec- Although applying Howe’s proof 
technique is standard, for the sake of completeness, and to demonstrate that the irregular¬ 
ity Xx.Q <iec {c Si ... Sn) Can also be treated, we will explicitly show in this section that 
^°cc ~ —icc using Howe’s method [How89t rHow96| . 

Lemma 4.11. For a relation rj on closed expressions it holds ((?/)°)'^ = rj, and also s r]° t 
implies a{s) r]° a{t) for any substitution a. For a relation p, on open expressions, fi C 
((/i)'^)° is equivalent to s pL t => a{s) a{t) for all closing substitutions a. □ 

Proposition 4.12 (Co-Induction). The principle of co-induction for the greatest fixpoint 
of Flee shows that for every relation g on closed expressions with rj C Fieeir]), we derive 
rj C ^lee- This obviously also implies {ri)° C {^iee)°- □ 

The hxpoint property of =4icc implies: 

Lemma 4.13. For a closed value Oi{si ,..., Sn), and a closed term t with di(si,..., s„) =^ice 
t, we have tfiee 02 (H, • • • Tn); ond there are two cases: 

(1) 0i = 02 are constructors or X and Si U for all i. 

(2) 0i(si,..., Sn) = X(x.s) with s € cBot and O 2 is a constructor. 

Lemma 4.14. For two expressions s,t: s G cBot implies s =4°ee Thus any two expressions 
s,t cBot are bisimilar: s t. Q 

Particular expressions in cBot are (case (Xx.s) alts) and (c(si,..., s„) ai... am) for 
m > 1; also s € cBot implies that (s t), (seq s t), (case s alts) and a{s) are also in cBot. 

Lemma 4.15. The relations ^icc and =4°cc ore reflexive and transitive. 

Proof. Reflexivity follows by showing that r] := U {(s,s) | s € Ea,s closed} satisfies 
V F Ficcig). Transitivity follows by showing that r] := =4icc U (^zee ° ^icc) satisfies 
h ^ Ficcih) uud then using the co-induction principle. □ 
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The goal in the following is to show that =4icc is a precongruence. This proof proceeds 
by defining a precongruence candidate ^cand as a closure of =4icc within contexts, which 
obviously is operator-respecting, but transitivity needs to be shown. By proving that 
and =4cand coincide, on the one hand transitivity of =4cand follows (since ^icc is transitive) 
and on the other hand (and more importantly) it follows that is operator-respecting 
(since =4cand is operator-respecting) and thus a precongruence. 

Definition 4.16. The precongruence candidate ^cand is a binary relation on open expres¬ 
sions and is defined as the greatest fixpoint of the monotone operator F^and on relations on 
all expressions: 

(1) X Fcandiv) S iff iC <°lcc 

(2) r(si,..., Sn) Fcandiv) s iff there is some expression r(s'^,..., s'^) =4°cc ^ with s, r] for 
i = 1,... ,n. 

Lemma 4.17. If some relation rj satisfies rj C Fcandiv); lhe.n rj C =4cand- HH 

Since =4cand is a fixpoint of F^and-, we have: 

Lemma 4.18. 

(1) X ^cand S iff X S. 

(2) r(si, ...,Sn) =4cand s iff there is some expression t{s[, s with Si =4cand s[ 

for i = 1,... ,n. □ 

Some technical facts about the precongruence candidate are now proved: 

Lemma 4.19. The following properties hold: 

(1) 4 cand is reflexive. 

(2) -4cand and {^candY are operator-respecting. 

(3) ^Icc — ^cand and ^Icc ^ (^cand) • 

(4) ^cand ® — ^cand' 

(5) (s ^cand S At ^cand i ) '' t[s/x] ^cand i [s 7^:]. 

( 6 ) s =4cand t implies that a{s) =4cand o'it) for every substitution a. 

(7) ^cand F {{^candYY 

Proof. Parts ([I|) - ([3]) can be shown by structural induction and using reflexivity of ^^cc- 
Part dH follows from the dehnition, Lemma 14.181 and transitivity of 

For part ([5]) let rj := ^cand U {{r\s/x\,r'\s'/x\) \ r ^cand ’>"'}■ Using co-induction it suf¬ 
fices to show that r] C Fcandih)- fa the case x =4cand we obtain x from the defi¬ 

nition, and s' '<''[s'/x] and thus x[s/x\ ^cand r'\s'/x\. In the case y ^cand we obtain 
y froai the definition, and y[s/x\ = y '<''{s'/x] and thus y = y{s/x\ =4cand r'\s'/x\. 

If r = r(ri,... ,rn), r ^cand r' and r[s/x\ p r'[s'/x\, then there is some r(r^,... ,r(j) 
with Vi ^cand Y' W.l.o.g. bound variables have fresh names. We have ri[s/x\ rj r'[s'/x] and 
r(r'^,.. .,r'^)[s'/x\ r'[s'/x]. Thus r[s/x] F^andiv) r'[s'/x]. 

Part ([6]) follows from item ([5|). Part ([7]) follows from item ([6]) and Lemma 14.111 Q 

Lemma 4.20. The middle expression in the definition of =4cand can be chosen to be closed if 
s, t are closed: Let s = t(si, ..., Sar(T)); such that s =4cand t holds. Then there are operands 
s', such that ..., closed, Vf : s* =4cand s'^ and t{s'^, ..., ^ 
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Proof. The definition of ^cand implies that there is an expression , Sar(r)) such that 

Si = 4 cand s'f for all i and r(s",..., ^ substitution with a{x) := 

for all X G FV (r(s'/,..., 'Sar(T)))’ is any closed expression. Lemma fd. 191 now shows 

that Si = C7{si) ^cand u(s") holds for all i. The relation (T(r(s",..., t holds, 

since t is closed and due to the definition of an open extension. The requested expression 
is T(o-(s;'),...,o-(s"^(^P). □ 


Since reduction 


Icc 


is deterministic: 


Lemma 4.21. If s s', then s' =4°cc ^ ^ ■ 

Lemmas 14.211 and 14.191 imply that =4cand is right-stable w.r.t. reduction: 

Lemma 4.22. If s ^cand t and t t', then s ^cand t'. 


□ 

□ 


We show that ^cand is left-stable w.r.t. reduction: 

Lemma 4.23. Let s,t be closed expressions such that s = 6 {si,..., Sn) is a value and 
s ^cand t- Then there are two possibilities: 

(1) s = Ax.Si and tfi^c{ti,... ,tn), where c is a constructor; 

(2) there is some closed value t' = 0(ti ,... ,tn) with t t' and for all i : Si = 4 cand U- 

Proof. The definition of ^cand implies that there is a closed expression 9{t'i,... ,t'^) with 
Si ^cand t'i for all i and ..., ^icc t. Lemma [4.131 implies that hence either 

t > c{t'(,... ,t'f) or t Xx.t'(. 

• First let 0 = A. The case t c{t'(,... ,t'f) is possibility ([I]) of the lemma. 

In the second case, t - ^ - *> \x.t'{, Lemma 14.221 implies Ax.si ^cand Xx.t'{. Definition 
of ^cand und Lemma [4.201 now show that there is some closed Xx.t'f with si ^cand t'l 
and Xx.t'C ^icc Xx.t'(. The latter relation implies t'” t'(, which shows s'^ =4cand t'l by 

Lemma 14.191 (|4j) . 

• If 0 is a constructor, then there is a closed expression 0{t'^,... ,t'^) with Si =4cand t'i for 

all i and 9{t'i, ..., =4icc t- The properties of =4icc imply that t 9{t'l,... ,t'f) with 
t'i =4icc t'l for all i. By definition of ^cand and Lemma [4. 191 (141) . we obtain Si =4cand tf for 
all i. □ 

Proposition 4.24. Let s,t be closed expressions, s ^cand t and s s' where s is the 
redex. Then s' =4cand t. 

Proof. The relation s =4cand t implies that s = r(si,... ,s„) and by Lemma [4.201 there is 
some closed t' = T{t'^,... ,t'n) with s* ^cand t'i for all i and t' t. 

• For the (nbeta)-reduction, s = (si S 2 ), where si = (Ax.s'^), S 2 is a closed term, and 
t' = {t'l t' 2 ). The relation (Ax.s'^) = si =4cand t'l implies that there exists a closed expression 
Xx.t'l t'l with s'l =4cand t'l. 

o The first case is t'l > c(...) and t'l G cBot. Lemma [4.191 implies Ax.s'j^ =4cand Xx.t'l, 
and again by Lemma [4.19l we derive s'i[s 2 /x\ =4cand t'l[s 2 /x], where t'l[s 2 /x] G cBot. Then 

tl[s 2 /x] t by Lemma [4. 141 which implies s'i[s 2 /x\ ^cand t. Since s s'^[s 2 /x], the 
lemma is proven for this case. 
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o The second case is > Xx.t'” with t'l t'”. We also obtain Xx.t'", and 

by the properties of =4°cc w.r.t. reduction, also t'{[t' 2 /x\ =4°cc t'l [t 2 / x]. From t' t'" [t 2 /x] 

we obtain t'i[t 2 /x] =4icc t. Lemma [4.191 and transitivity of =4icc now show s'i[s 2 /x\ =4cand 
ti[t 2 /x]. Hence s'i[s 2 /x\ =4cand t, again using Lemma [4. 191 

• Similar arguments as for the second case apply to the case-reduction. 

• Suppose, the reduction is a (nseq)-reduction. Then s ^cand t and s = (seq si 52 )- Lemma 
l4.20l imDlies that there is some closed (seq t'l ^°cc ^ with Si =4cand t[. Since si is a value, 

Lemma [4.231 shows that there is a reduction t'l t", where t'l is a value. There are the 

reductions s —> S 2 and (seq t'l t' 2 ) —^ (soq t" t’ 2 ) —^ ^ 2 - Since t '2 (seq t'l t' 2 ) t, 
and S 2 <cand t' 2 , we obtain S 2 -4cand t- □ 

Proposition 4.25. Let s,t be closed expressions, s ^cand t and s s'. Then s' ^cand t. 

Proof. We use induction on the length of the path to the redex. The base case is proven 
in Proposition 14.241 Let i?[s],t be closed, R[s] ^cand t and R[s] R[s'], where we 

assume that the redex s is not at the top level and that R is an L/cc-reduction con¬ 
text. The relation R[s] =4cand t implies that R[s] = t{si, ..., Sn) and that there is some 

closed expression t' with t' = rit'i ,... t with Si ^cand t'^ for all i. If Sj s'-, 

then by induction hypothesis s'- ^cand t'j. Since ^cand is operator-respecting, we also ob¬ 
tain R[s'] = t(si, ... ,Sj_i,s'-,Sj+i,... ,Sn) =4cand T(t'^,...,t'-_i,t'-,,...,, and from 
T{t'i, ...,t'J t we have i?[s'] = r(si,..., Sj_i, s', s^+i, ...,Sn) =4cand t. □ 

Lemma 4.26. If Xx.s,Xx.t are closed, Xx.s ^cand Xx.t, and t G cBot, then also s G cBot. 

Proof. For any closed r, we also have (Ax.s) r ^cand (Xx.t) r, since ^cand is operator- 

respecting. From t G cBot, we obtain that {{Xx.t) Now suppose that {Xx.s) r > s', 

where s' is a value. Lemma 14.251 implies that s' ^cand {Xx.t) r. Now Lemma 14.231 shows 
that this is impossible. Hence s G cBot. Q 

Now we can prove an improvement of Lemma l4.23t 

Lemma 4.27. Let s,t be closed expressions such that s = 6 {si,..., Sn) is a value and 
s ^cand t. Then there are two possibilities: 

(1) s = Ax.si, tfi^^c{ti,... ,tn) where c is a constructor, and si G cBot. 

(2) there is some closed value t' = 6 {ti,... ,tn) with t - ^ - *> t' and for all i : Si =4cand ti. 

Proof. This follows from Lemma 14.231 and Lemma 14.261 D 

Now we are ready to prove that the precongruence candidate and similarity coincide. 
Theorem 4.28. {^cand) ^icc and ^cand ^icc' 

Proof. Since =4icc ^ {^cand)'^ by Lemma [4. 191 we have to show that {^cand)'^ ^ ^icc- There¬ 
fore it is sufficient to show that {^cand)'^ satisfies the fixpoint equation for =4icc- We 
show that (^cand)'" C Ficc{{^cand)'')- Let s {^cand)" t for closed terms s,t. We s how 
that s Ficc{{<cand)'') t: If s ilicc, then s F’kc((^cand)‘') t holds by Definition 14.101 If 
sficc9{si, ... ,Sn), the n 9{si , ... ,Sn) {=4cand)'' t by Proposition 14251 
Lemmas 14.251 and 14.271 show that there are two possibilities: 

• t c{ti,... ,tn) for a constructor c, s4,;^^Ax.si, and si G cBot. 
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• t e{ti,... ,tn) and for all i : Si =4cand U. 

This implies s Ficdi^candY) t- Thus the fixpoint property of {^candY w.r.t. Ficc holds, and 
hence {^cand) — 

Now we prove the second part. The first part, {^candY ^ ^icc, implies {{^candTT ^ 
=4°^^ by monotonicity. Lem ma [4T 9] ([7]) implies =4cand F {{4candTT ^ The other 

direction is proven in Lemma 14.191 ([3]) . D 

Since is reflexive and transitive iLemma I4.15P and {^candY is operator-respecting 
iLemma 14.191 (f2])L this immediately implies: 

Corollary 4.29. is a precongruence on expressions E;,. If a is a substitution, then 
s t implies a{s) a{t). □ 

Lemma 4.30. <cc C <kc. 

Proof. Let s,t be expressions with s t such that C[s]4-;cc- Let <7 be a substitution that 
replaces all free variables of C[s],C'[t] by H. The properties of the call-by-name reduction 
show that also (t(C'[s])4-;cc. Since cj(C[s]) = cr(C')[cj(s)], a{C[t]) = a{C)[a{t)] and since 
(t(s) <7(t), we obtain from the precongruence property of that also (7(C'[s]) ^icc 

(j{C[t]). Hence a{C[t])fi^^. This is equivalent to C\t\fi^^, since free variables are replaced 
by H, and thus they cannot overlap with redexes. Hence F < 1 ^^.. □ 

Corollary 4.31. s s' implies s ^icc s'. Thus the reduction rules of the calculus Li^c 
are correct w.r.t. in- context. 

Proof. This follows from Lemmas 14.211 and 14.801 Q 

Now we show a characterization for E^-expressions, which includes the previously men¬ 
tioned irregularity of <icc. 

Proposition 4.32. Let s be a closed Li^c-expression. Then there are three cases: s ^icc LI, 
s ^icc Ax.s' for some s', s ^icc (c si... Sn) for some terms si,..., s^ and constructor c. 

For two closed Lh-c-expressions s, t with s <icc t: Either s ^icc or s ^icc (c si... s^), 
t ^icc (c ti... tn) and Si <icc ti for all i for some terms si,..., Sn,ti,... ,tn and constructor 
c, or s ^icc Ax.s' and t Ax.t' for some expressions s',t' with s' <1^^ t', or s ^icc Ax.s' 
and t ^icc {c ti... tn) for some term s' € cBot, expressions ti,... ,tn and constructor c. 

Proof. We apply Lemma 14.301 Corollary 14.311 then shows that using reduction the classifi¬ 
cation of closed expressions into the classes w.r.t. ^icc holds. 

For two closed L/cc-expressions s,t with s L we obtain the classification in the 
lemma but with instead of <zcc- For the three cases s ~;cc LI, both s,t are equivalent 
to constructor expressions, and both s,t are equivalent to abstractions, we obtain also that 
s <icc t- In the last case Ax.s' ^icc {c si... Sn), we also obtain from the ^/cc-definition, that 
it is valid and from Lemma 14.301 that it implies Ax.s' <icc (c si... Sn). Other combinations 
of constructor applications, abstractions and H cannot be in <;cc-relation: 

• {c ti... tn) ^icc and Ax.s ^icc H since the empty context distinguishes them. 

• (ci Si... Sn) ^icc (c 2 ti ... tm). Let C := case-r [•] (ci xi... Xn —S' Ay.y) alts where all al¬ 
ternatives in alts have right hand side Ll. Then C\{ci si... Sn)]i;cc but C'[(c 2 ti ... tm)\f\icc- 

• (c Si... Sn) ^icc (c ti... tn) if Sj ^icc tp. Let Context D be the witness for Sj ^/cc ti- Then 
C = case-r [•] (c xi ... Xn —> D\xi]) distinguishes (c si... Sn) and (c ti ... tn) 

• (c Si... Sn) ^kc (Ax.t): The context case-p [•] (c xi ... Xn —>■ Ay.y) alts is a witness. 
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• Xx.s ^icc Xx.t if s ^icc t: Let D be the witness for s ^icc t. Then C = L)[([-] x)] 
distinguishes Xx.s and Xx.t. 

• Xx.s ^icc {c ti ... tn) if s ^ cBot: Since s 0 cBot and FV{s) C {x}, there exists a closing 

substitution cr = {x e-)- r} such that For the context C = ([•] r) the expression 

(^[Ax.s] converges while C[{c ti... tn)] diverges. □ 

Lemma 4.33. <icc C 

Proof. The relation satisfies the hxpoint condition, i.e. <1^^ C which follows 

from Corollary 14.311 and Proposition 14.321 □ 

Lemmas 14.301 and 14.331 immediately imply: 

Theorem 4.34. = <icc. □ 


4.2.2. Alternative Definitions of Bisimilarity in Li^c. We want to analyze the translations 
between our calculi, and the inherent contextual equivalence. This will require to show that 
several differently defined relations are all equal to contextual equivalence. 

Using Theorem 14.81 we show that in Lice, behavioral equivalence can also be proved 
inductively: 

Definition 4.35. The set Qicc of contexts Q is assumed to consist of the following contexts: 

(i) ([•] r) for all closed r, 

(ii) for all types T, constructors c of T, and indices i: 

(casey [•] of ... (c xi... Xar(c) Xi )...) where all right hand sides of other case- 
alternatives are Ll, 

(hi) for all types T and constructors c of T: (case-p [•] of ... (c xi ... Xar(c) True)...) 
where all right hand sides of other case-alternatives are Ll. 

The relations ^icc,Qicci —icc,Qicc instantiations of Definitions 12.51 and Definition 12.61 re¬ 
spectively, with the set Qicc and the closed part of Lice consisting of the subsets of all closed 
EA-expressions, closed contexts C\, and closed answers A/cc- 

Lemma 4.36. The calculus Lice *5 convergence-admissible in the sense of Definition 
where the Q-contexts are defined as above. 

Proof. Values in L/cc are L/cc-WHNFs. The contexts Q are reduction contexts in L/cc- Hence 
every reduction of Q[s] will hrst evaluate s to u and then evaluate Q[v]. □ 

Theorem 4.37. 4icc = 4icc,Q,c. = <icc,Qicc and 4°cc= <cc,Qicc = 

Proof. Theorem 14.81 shows ^icc,Qi^^ = ^icc,Qi^^ since Lice is convergence-admissible. 

The first equation is proved by showing that the relations satisfy the hxpoint equations 
of the other one in Dehnition 14.101 and 12.51 respectively. 

• ^icc C LQi^icc)- Assume s ^icc t for two closed s,t. ff sficcV, then tficcW for values 

v, w. Since reduction preserves the hxpoint operator conditions are satished if v,w 
are both abstractions or both constructor applications, ff u = Ax.s' with s' € cBot and 
w = c{ti,... ,tn), Q{v) diverges for all Q, hence s Fq(^zcc) t- 

• =4icc,Qi^^ C Ficc{^icc,Qi^J- Assume s =4icc,Qi^^ t. Let shceV. Then also theeW for some value 

w. fn the cases that v, w are both abstractions or both constructor applications, when 

using appropriate Q of kind (ii) or (hi), the F/cc-conditions are satished. If u = Ax.s' and 
w = c{ti,... ,tn), we have to show that s' G cBot: this can be done using all Q-contexts 
of the form ([] r), since {w r)-^icc in any case. □ 
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Definition 4.38. Let CEicc be the following set of closed E^-expressions built from con¬ 
structors, n, and closed abstractions. These can be constructed according to the grammar: 

r G CEicc ::= 1? | Xx.s \ (c r; ... ^(c)) 

where Xx.s is any closed EA-expression. 

The set Qce is defined like the set Qi^c in Definition 14.351 but only expressions r from 
CEif-c are taken into account in the contexts ([•] r) in (i). 

We summarize several alternative definitions for contextual preorder and applicative 
simulation for Lice, where we also include further alternatives. m is contextual preorder, 
(i2]l the applicative simulation, ([3]), (jl]) and ([5]) are similar to the usual call-by-value variants, 
where and dSD separate the closing part of contexts, where ([S]) can be seen as bridging 
the gap between call-by-need and call-by-name. ([7]) is the Q-similarity, ([ 8 j) is a further 
improved inductive Q-simulation by restricting the set of test arguments for abstractions, 
and ([9]) is the co-inductive version of (IHll . 

Theorem 4.39. In Lice, the following relations on open E\-expressions are identieal: 

(1) <kc. 

( 2 ) 

(3) The relation <icc,i defined by si <icc,i S 2 iff for all elosing contexts C: C[si]ficc 

(4) The relation <icc, 2 , defined as: si <icc ,2 S 2 iff for all elosed contexts C and all closing 

substitutions a: C[a{s 2 )]ficc- 

(5) The relation <icc, 3 , defined as: si <icc ,3 S 2 iff for all multi-eontexts M[-, ...,•] and all 

substitutions a: M[cr(si),..., (t(si)]4-;cc XI[a{s 2 ), ■ ■ ■ ,cr{s 2 )]iicc- 

( 6 ) The relation <icc,a, defined as: si <icc ,4 S 2 iff for all contexts C[-] and all substitutions 
a: C[a{si)]licc C[a{s 2 )]iicc- 

(7) <fcc,Qlcc 

(8) The relation where <icc,Qce defined as in Definition \2.6\ instantiated by the 

elosed part of Lice ond by the set Qce in Definition \4.38[ 

(9) The relation ^°ccQce defined as in Definition 1.2.51 instantiated by the elosed part of 
Lice o,nd by set Qce in Definition \4.38[ 

Proof. • ([1]) ([2]) 4=^ ([7]) : This is Theorem 14.341 and Theorem 14.371 

• dH) The “=>”-direction is obvious. For the other direction let si <icc,i S 2 

and let C be a context such that 0 7^ FF(C'[si]) U EV{C[s 2 ]) = {xi,... ,Xn} and let 

C[si]ficc, i.e. C'[si] — - > V where v is an abstraction or a constructor application. Let 
C = {Xxi,... ,Xn.C) ft. . ^.D . Then C'[si] s' = C[si][Ll/ xi,... ,TL/xn] for 

n-times 

i = 1,2. It is easy to verify that the reduction for C'[si] can also be performed for 

s[, since no reduction in the sequence C'[si] > v can be of the form R[xi\ with R 
being a reduction context. Thus C'[si]ficc. Since C'[si] must be closed for i = 1 , 2 , the 

precondition implies C'[s 2 ]iicc also s^ficc- W.l.o.g. let s '2 fTTf y' where v' is an 
L;cc-WHNF. It is easy to verify that no term in this sequence can be of the form i7[D], 
where i? is a reduction context, since otherwise the reduction would not terminate (since 

Icc 

This implies that we can replace the D-expression by the free variables, 
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i.e. that C[s2]\ricc- Note that this also shows by the previous items (and Corollary 14.,lip 
that (nbeta) is correct for ~;cc- 

• (HD ^ This follows from Corollary 14. 31 I since closing substitutions can be simulated 
by a context with subsequent (nbeta)-reduction. This also implies that (nbeta) is correct 
for 2 and by the previous item it also correct for i (where ~zcci = <Zcc i C >icc i)- 

. dH) ^ (HD The direction “ ” is trivial. For the other direction let si </cc S 2 and let 

(7 be a context, u be a substitution, such that C'[(t(si)]),;c(;. Let a = {xi ti,... Xn ^ in} 

and let C = C[(Axi,..., x„.[-]) ti ... tn]- Then C"[si] C[(t(si)]. Since (nbeta)- 

reduction is correct for ~zcc, we have C'[si\\.i^f.. Applying si <icc S 2 yields C'\s 2 ]\ricc- 

Since C'[s 2 ] C'[ct(s 2 )] and (nbeta) is correct for ~zcc) we have C'[cT(s2)]izcc- 

• © ©: Obviously, si <;cc ,3 S 2 si <zcc ,4 S 2 - We show the other direction by 

induction on n - the number of holes in M - that for all E^-expressions si, S 2 : si <kc ,4 S 2 

implies M[cr(si),...o-(si)]|,cc ^ ^^(^ 2 ), ■ ■ • o'(s 2 )]izcc- 

The base cases for n = 0,1 are obvious. For the induction step assume that M has 
n > 1 holes. Let M' = M[cr(si),- 2 , • • •,-n] and M” = M[cr(s 2 ),- 2 ) ■ ■ ■ m]- Then obvi¬ 
ously M'[<t(si), ..., (t(si)] = M[(t(si), ..., ct(si)] and thus M'[ct(si), ..., (t(si)]|;cc. For 
C = M[-i, cr(si),..., cr(si)] we have (^[^(si)] = M'[a{si ),..., o'(si)] and also C[cj(s 2 )] = 
M"[cj(si),..., cr(si)]. Since C'[cj(si)]4,;c(,, the relation si <;cc ,4 S 2 implies that C'[cr(s2)]4,;cc 
and hence M"[cr(si),..., cr(si)]4,icc' Now, since the number of holes of M" is strictly 
smaller than n, the induction hypothesis show that M"[a{s 2 )-, ■ ■ ■, cj(s2)]izcc- Because of 
M"[cr(s 2 ), . . . , 0 '(S 2 )] = M[c7(s2 ), • • • , 0 '(s 2 )] We have M[c7(s2), • • • , (j{s 2 )\ilcc- 
: The direction © => © is trivial. 

For the other direction we show that C by showing that the inclusion 

<Icc,Qce ^ ^icc,Qi,, holds. Let si,S 2 be closed expressions with si <icc,Qce and let 
Qi[-• • Qn)'?!].. .]i;cc Qi ^ Qicc- Let m be the number of normal-order-reductions 
of Qi[... Qnlsi]...] to an L^cc-WHNF. Since the reduction rules are correct w.r.t. ^icc 
for every subexpression r of the contexts Qi, there is some r' with r' <icc r, where 

G Qce, which is derived from r by (top-down)-reduction, which may also be non-normal 

order, i.e. r > Vm+i where rm+i has reducible subexpressions (not in an abstraction) 
only at depth at least m -|- 1. All those deep subexpressions are then replaced by 14, 
and this construction results in r'. By construction, r' <icc r. We do this for all the 
contexts Qi, and obtain thus contexts Q[. The construction using the depth m shows 
that {Q'i[... [Qn['®i]]])'Dkc 5 since the normal-order reduction does not use subexpressions 
at depth greater than m in those r'. By assumption, this implies {Q[[... [Q(i[s2]]])4';cc) 
and since {Q'^[... [Q'„[s 2 ]]]) <icc (Q'll ■ ■ [Qn[s 2 ]]]), this also implies (Qi[... [Qn[s 2 ]]])- 

• © ®: This follows for the relations on closed expressions by Theorem 14.81 since 

the deterministic calculus (see Def. I2.ip for with Qce as defined above is convergence- 
admissible. It also holds for the extensions to open expressions, since the construction 
for the open extension is identical for both relations. D 

Also the following can easily be derived from Theorem 14.391 and Corollary 14.311 

Proposition 4.40. For open "Rx-expressions si,S 2 , where all free variables ofsi,S 2 are in 

{xi, . . . , Xn} ■ Si Filcc S2 '' '' Axi, . . . XrL.S\ ^Icc Axi, • • • Xn-S2 CH 

Proposition 4.41. Given any two closed Kx-expressions si,S 2 -' si </cc S 2 iff the following 

conditions hold: 
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• If then either (i) S 2 \ricc^x.s' 2 , and for all (closed) r € CEicc-' si r <icc S 2 r, 

or (a) S 2 \-icc{.c s'[ ... s") and s'^ G cBot. 

• if siiiccic s(... s'J, then S 2 iicc{c sf ... s'f), and for all i : s' <icc s'f 

Proof. The if-direction follows from the congruence property of <icc and the correctness of 
reductions. The only-if direction follows from Theorem 14.391 D 

This immediately implies 

Proposition 4.42. Given any two closed Mx-expressions si,S 2 . 

• If si,S 2 are abstractions, then si <icc •§2 iff for all closed r G CEicc-' si r <;cc S 2 r 

• If si = {c ti ... tn) and S 2 = (c' t[ ... t'^) are constructor expressions, then si <icc S 2 iff 

c = d, n = m and for all i : ti <icc ti □ 

We finally consider a more relaxed notion of similarity which allows to use known contextual 
equivalences as intermediate steps when proving similarity of expressions: 

Definition 4.43 (Similarity up to ~zcc)- Let =4icc,^ be the greatest fixpoint of the following 
operator Ficc^r.. on closed L/cc-expressions: 

We define an operator Ficc,f.u on binary relations p on closed L/cc-expressions: 
s Ficc^r^{rj) t iff the following holds: 

(1) If s ^icc Ax.s' then there are two possibilities: (i) if t ^icc (c ti... tn) then s' G cBot, or 
(ii) if t ^icc Xx.t' then for all closed r : ((Ax.s') r) rj ((Ax.f') r); 

(2) If s ~zcc (c Si... s„) then t (c ti... tn) and s* rj ti for all i. 

Obviously, we have s t iff one of the three cases holds: (i) s ~;cc Ax.s', t r^icc Xx.t', 

and (Ax.s') r ^icc,^ {Xx.t') r for all closed r; (ii) s ~;cc Ax.s', t ^icc (c ti...tn), and 
s' G cBot, or (hi) s ~;cc (c si... Sn), t r^icc (cti... tn), and s* U for all i. 

Proposition 4.44. = dice = <(cc’ = ^icc- 

Proof. We show the first equation via the fixpoint equations, (i) We prove that the relation 
dicc,<^ satisfies the fixpoint equation for =4icc- Let s L where s,t are closed. If 

sficffc Si... Sn), then also s '-.^icc {c si... Sn) which clearly implies t\.i^{c ti.. .tn), and also 
t ^icc {c ti... tn). The relation is a fixpoint of Ficc,.^{ri), hence Sj ^;cc,~ ti for all i. 

If sl^c^Ax.s' and tfi^Xx.t' then similar arguments show ((Ax.s') r) dicc,'^ {{Xx.t') r) 
for all r. If tfi^ffc ti.. .tn), then s ~;cc Ax.s' and t {c ti... tn). Again 

the fixpoint property of dicc,<^ shows s' G cBot. 

(ii) We prove that the relation ^icc satisfies the fixpoint equation for Ficc^r^. Let s ^icc t 
for closed s, t. We know that this is the same as s <icc t. If s '^icc (c si... s^), then clearly 
s4,;cg(c s']^... s'n) where (c si ... Sn) ^icc (c s'^... s'n). Since in this case t ^icc {c ti... tn) 
and thus tfi^ffc t'^ ... t'n) where t {c ti... tn) ^icc (c t'^... t'n), and also s* dicc,r^ U for 
all i holds, since reduction is correct. If s ^icc Ax.s' and s ^icc Xx.t' then sfi^,.Xx.s" and 
tfi^^Xx.t" and ((Ax.s') r) ^;cc,~ {{Xx.t') r). 

If s ^icc Ax.s' and s ~;cc {c ti... tn), then for sfi^^Xx.s", we have Ax.s' c^icc Xx.s", and 
since s <icc t, the characterization of expressions in Proposition 14.321 shows s',s" G cBot.\Z\ 
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5. The Translation W : Llr^ Lname 

The translation W : ^ Lname is defined as the identity on expressions and contexts, 

but the definitions of convergence predicates are different. In this section we prove that 
contextual equivalence based on L^ij-evaluation and contextual equivalence based on Lname- 
evaluation are equivalent. We use infinite trees to connect both evaluation strategies. In 
[SS07] a similar result was shown for a lambda calculus without seq, case, and constructors. 

5.1. Calculus for Infinite Trees Ltree- We define infinite expressions which are intended 
to be the letrec-unfolding of the E^-expressions with the extra condition that cyclic variable 
chains lead to local nontermination represented by Bot. We then define the calculus Ltree 
which has infinite expressions and performs reduction on inhnite expressions. 

Definition 5.1. Infinite expressions £% are dehned like expressions E£ without letrec- 
expressions, adding a constant Bot, and interpreting the grammar co-inductively, i.e. the 
grammar is as follows 

S,T,Si,Ti G £x ::= x \ {Si S 2 ) \ (Ax. 5) | Bot 

I {c Si... Sar{c)) I (seq Si S 2 ) I (case-r S of alts) 

In order to distinguish in the following the usual expressions from the infinite ones, we 
say tree or inhnite expressions. As meta-symbols we use s,Si,t,ti for hnite expressions and 
S,T,Si,Ti for inhnite expressions. The constant Bot is without any reduction rule. 

In the following dehnition of a mapping from hnite expressions to their inhnite images, 
we sometimes use the explicit binary application operator @ for applications inside the 
trees (i.e. an application in the tree is sometimes written as (@ Si S 2 ) instead of {Si S 2 )), 
since it is easier to explain, but use the common notation in other places. A position is 
a hnite sequence of positive integers, where the empty position is denoted as e. We use 
Dewey notation for positions, i.e. the position i.p is the sequence starting with i followed 
by position p. For an inhnite tree S and position p, the notation S\p means the subtree at 
position p and p{S) denotes the head symbol of S\p. 

This induces the representation of an inhnite expression S' as a (partial) function S 
from positions to labels where application of the function S to a position p is written as 
p{S) and where the labels are @, case^, (c xi ... Xn) (for a case-alternative), seq, c. Ax, 
and X. The domain of such a function must be a prehx-closed set of positions, and the 
continuations of a position p depend on the label at p and must coincide with the syntax 
according to the grammar in Dehnition 15. 1 1 

Definition 5.2. The translation IT : E£ —£% translates an expression s G E/; into 
its inhnite tree IT{s) G £%■ We dehne the mapping IT by providing an algorithm that, 
computes the partial function IT{s) from positions to labels. Given a position p, computing 
p{IT{s)) starts with s||p and then proceeds with the rules given in Fig. [9l The hrst group 
of rules dehnes the computed label for the position e, the second part of the rules describes 
the general case for positions. If the computation fails (or is undehned), then the position 
is not valid in the tree IT{s). The equivalence of inhnite expressions is extensional equality 
of the corresponding functions, where we additionally do not distinguish a-equal trees. 

Example 5.3. The expression letrec x = x,y = {Xz.z) x y in y has the corresponding 
tree {{Xzi.zi) Bot {{Xz 2 -Z 2 ) Bot {{XZ 3 .Z 3 ) Bot ...))). 
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C[(s 

t)| e] @ 



C[(case'r •••) £] i-A case^ 



C[{c Xi . . . Xn^ s)||£] l-A (c Xi ... Xn) 

for 

a case-alternative 

(^[(seq s t)||£] hA seq 



(^[(c Si . . . Sn)||£] l-A C 



C[(A: 

x.s)||£] 1 -^ Ax 



C[x|| 

e] i-A X if X is a free variable or a lambda-bound variable in C[x\ 

The cases for general positions p: 



1. 

C[(Ax.s)||i.p] 

i-A 

(7[Ax.(s||p)] 

2. 

<^[(s i)lli.p] 

i-A 

(7[(s||p t)] 

3. 

<^[(s t)\\2.p] 

i-A 

(7[(s t||p)] 

4. 

C[(seq s t)||i.p] 

i-A 

(7[(seq slip t)] 

5. 

C[(seq s t)|| 2 .p] 

i-A 

(7[(seq s t||p)] 

6. 

C[(case'r s of alti ... altn)\\i.p] 

i-A 

(7[(case'r s p of alti ... altn)] 

7. 

C[(caseT s of alti ... altn)\\(i+i).p] 

i-A 

(7[(case'r s oialti ... alti\\p ... altn)] 

8. 

C'[. . . (c Xi ... Xn^ s)||l.p . . .] 

i-A 

C[...{cxi ... Xn -S' slip)...] 

9. 

(7[(c Si . . . S7^)||i,p] 

i-A 

(7[(c Si... s^llp ... S/^,)] 

10. 

C[(letrec Env in s) p] 

i-A 

(7[(letrec Env in s||p)] 

11. 

Ci[(letrec x = s,Env in C 2 [x p])] 

i-A 

(7i[(letrec x = s p, Env in (72[x])] 

1 9 

Ci[letrec x = s,y = (72[x p]. 


(7i[letrec x = s\\p,y = C 2 [x\, 


Env in t] 


Env in t] 

13. 

(7i[(letrec x = (72[x||p], Env in s)] 

i-A 

(7i[(letrec x = C 2 [x]\\p, Env in s)] 

If the position e hits the same (let-bound) variable twice, then the result is Bot. 

(Th 

is can only happen by a sequence of rules 11,12,13.) 


Figure 9: Infinite tree construction from positions for fixed s 


The set Cj of infinite tree contexts includes any infinite tree where a subtree is replaced 
by a hole [•]. Reduction contexts on trees are defined as follows: 

Definition 5.4. Call-by-name reduction contexts TZtree of Ltree are defined as follows, where 
the grammar is interpreted inductively and S' G Tj: 

R,Ri G TZtree ■■= ['] I <5) | (case R of alts) \ (seq R S) 

For an infinite tree, a reduction position p is any position such that p{S) is defined and there 
exists some R G TZtree with R[S'] = S and R\p = [•] 

Definition 5.5. An Lj^e-answer (or an Ltree-WHNF) is any infinite Sj-expression S which 
is an abstraction or constructor application, i.e. e{S) = Xx or e{S) = c for some constructor 
c. The reduction rules on infinite expressions are allowed in any context and are as follows: 

(betaTr) ((Ax.5i) ^ 2 ) —>■ S'i[52/x] 

(seqTr) (seq Si S 2 ) —>■ S 2 if Si is an Li^ee-answer 

(caseTr) (casey (c 5i... Sn) of ... (c xi... —>■ S')...) —5'[S'i/xi,..., Sn/xn] 

If 5 = R[5i] for a T^tree-context R, and Si A S 2 for a G {(betaTr), (caseTr), or (seqTr)}, 
then we say S S' = R[52] is a normal order reduction (tree-reduction) on infinite trees. 
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Here is the tree-redex of the tree-reduction. We also use the convergence predicate 
for infinite trees defined as: iff S S' and S' is an Ljree-WHNF. 


Note that 


tree.betaTr 


> and 


tree,caseTr 


> only reduce a single redex, but may modify infin¬ 


itely many positions, since there may be infinitely many positions of a replaced variable x. 
E.g., a (tree,betaTr) of IT {{Xx.{letrec z = {z x) in z)) r) = (A 2 ;.((... (... x) x) x)) r 
((... (... r) r) r) replaces the infinite number of occurrences of x by r. 


Concluding, the calculus is defined by the tuple {£x,^x^--^^^tree) where h^tree 
are the Ljree-WHNFs. 

In the following we use a variant of infinite outside-in developments |Bar84[lKKMV^ 
as a reduction on trees that may reduce infinitely many redexes in one step. The motivation 
is that the infinite trees corresponding to finite expressions may require the reduction of 

infinitely many redexes of the trees for one or > -reduction, respectively. 


Definition 5.6. We define an infinite variant of Barendregt’s 1-reduction: Let 5 € f*! be an 
infinite tree. Let f be a special label and M be a set of (perhaps infinitely many) positions 
of S, which must be redexes w.r.t. the same reduction a G {(betaTr), (caseTr), or (seqTr)}. 

Now exactly all positions m G M of 5 are labeled with |. By S S' we denote the 
(perhaps infinite) development top down, defined as follows: 


• Let So = S and Mq = M. 

• Iteratively compute Mj+i and S’j+i from Mi and Si for f = 0,1, 2,... as follows: 

Let d be the length of the shortest position in M,, and Mi^d be the finite set of positions 
that are the shortest ones in Mj. 

For every p G construct an infinite tree Tp from Si\p by iterating the following 
reduction until the root of 5i|p is not labeled: remove the label from the top of 5i|p, then 
perform a labeled reduction inheriting all the labels. If this iteration does not terminate, 
because the root of S'ilp gets labeled in every step, then the result is Tp := Bot (unlabeled), 
otherwise a result Tp is computed after finitely many reductions. 

Now construct by replacing every subtree at a position p G Mi^d in Si by Tp-. for 
the positions p of Si that do not have a prefix that is in Mi^d-, we set p(5'j+i) := p{Si) and 
for p G Mi^d we set Si\p := Tp. 

Let Mj_|_i be the set of positions in which carry a label f. The length of the 
shortest position is now at least d+ 1. Then iterate again with Mj+i, 

• S' is defined as the result after (perhaps infinitely many) construction steps Si, S 2 , ■ ■ ■ 


I —I tree 

If the initial set M does not contain a reduction position then we write S ^- > S'. 

We write S S' {S -4 S', resp.) if there exists a set M such that S S' 

{S S', resp.). 


Example 5.7. We give two examples of standard reduction and — ^ —^--reductions. 

An -^^-reduction on expressions corresponds to an ~^ - ’^> -reduction on infinite trees and 
perhaps corresponds to an infinite sequence of infinite tree-reductions. Consider letrec y = 
{Xx.y) a in y. The (Tit, lbeta)-reduction with a subsequent (Tit,llet) reduction results in 
letrec y = y,x = a in y. The corresponding infinite tree of letrec y = (Xx.y) a in y is 
S = ((Axi.((Ax 2 .((Ax 3 .(. .. a)) a)) a)) o). The (tree,betaTr)-reduction-sequence is infinite, 
let M be the infinite set of positions of all the applications in S', i.e. M = {e, 1.1,1.1.1.1,...}. 
Then in the (infinite) development described in Def. 15.61 all intermediate trees have a label 
















30 


M. SCHMIDT-SCHAUSS, D. SABEL, AND E. MACHKASOVA 


at the top, and thus we have S ~—> Bot. For a set M without e, the result will be a value 
tree. 

For the expression letrec y = (seq True (seq y False)) in y the —^--reduction 
results in the expression letrec y = (seq y False) in y which diverges. The corre¬ 
sponding infinite tree is (seq True (seq ((seq True (seq (. . .) False)) False))), which 
has an infinite number of tree-reductions, at an infinite number of deeper and deeper po¬ 
sitions. Let M = {e, 1.2,1.2.1.2,...} be the set consisting of all those positions. Then 

S (seq (seq (seq... False) False) False). 

There may be S, S' such that S S' as well as S > S' for some sets M, M' 
where M contains a reduction position, but M' does not contain a reduction position. For 
example S = (Axi.xi) {{Xx 2 -X 2 ) ((AX 3 .X 3 )...)), where a single (betaTr)-reduction at the 
top reproduces S, as well as a single (betaTr)-reduction of the argument. 


5.2. Standardization of Tree Rednction. Before considering the concrete calculi Lm 
and Lname and their correspondence to the calculus with infinite trees, we show that for 
an arbitrary reduction sequence on infinite trees resulting in an answer we can construct a 
iree-reduction sequence that results in an L^ree-WHNF. 

I —I i/T'GG 

Lemma 5.8. Let T he an infinite expression. If T ——^- y T' for some M, where T' is 

an answer, then T is also an answer. 


Proof. This follows since an answer cannot be generated by ^ - ’^’~'*’~ - ‘^> -reductions, since 
neither abstractions nor constructor expressions can be generated at the top position. Q 


tPGG I 7W 

Lemma 5.9. Any overlapping between a - >-reduction and a — y-reduction can be closed 

as follows. The trivial case that both given reductions are identical is omitted. 


T—^ • 

I I 

tree tree 

t i,M' y 




/ 

I,M' 


T 


I,M 


tree \ / 

' ^ tree 


Proof. This follows by checking the overlaps of -A- with free-reductions. The third diagram 
applies if the positions of M are removed by the tree-reduction. The second diagram applies 
if the tree-redex is included in M and the first diagram is applicable in all other cases. Q 

Lemma 5.10. Let T be an infinite tree such that there is a tree-reduction sequence of length 
n to a WHNF T', and let S be an infinite tree with T LfiL,. g. Then S has a tree-reduction 
sequence of length < n to a WHNF T". 

Proof. This follows from Lemma 15.91 bv induction on n. D 


Lemma 5.11. 


Consider two reductions —S and of the same type (betaTrj, (caseTrJ 


or (seqTrJ. For all trees T,Ti,T 2 : ifT j' 2 ^ 2 , and M 2 C Mi, then there 

is a set M 3 of positions, such that T 2 Ti. 


T 


I,Ml 



Ti 
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Proof. The argument is that the set M 3 is computed by labeling the positions in T using 
Ml, and then by performing the infinite development using the set of redexes M 2 , where 
we assume that the Mi-labels are inherited. The set of positions of marked redexes in T 2 


that remain and are not reduced by Ti 


IM2 


> T 2 is exactly the set M 3 . 


□ 


Consider a reduction T T' of type (betaTr), (caseTr) or (seqTr). This reduction 
may include a redex of a normal order tree-reduction. Then the reduction can be split into 
T Ti -4 T', and splitting of the reduction can be iterated as long as the remaining 
Ti T' has a tree-redex. It may happen that this process does not terminate. 

We consider this non-terminating case, i.e. let Tq T' and we can assume that 

there exist infinitely many Ti, T 2 ,... and Mi, M 2 , ■ ■ ■, such that for any k: Tq -^ and 

Tfc ^ - ^ - '‘y T'. By induction we can show for every A; > 1: Tk-i = ^ = 

Tfc for a reduction context and where S^-i is the redex and is the contractum of 
Tk-i — 7 > Tk and the normal order tree-redex of M^ labels a subterm of Sk- This holds, since 

the inhnite development for T ^’^y T' is performed top down. 

This implies that the infinite tree-reduction goes deeper and deeper along one path of 
the tree, or at some point all remaining tree-reductions are performed at the same position. 

Lemma 5.12. Let T x' such that and M labels the normal order redex ofT. 

Then there exists T" and M' such that T T" ^ T'. 


Proof. Let T = Tq Tk, Tk T' where Mk labels a normal order redex. 



We have Tk = Rk[Sk] where Rk is a reduction context, and Mk labels the hole of Rk, which 

is the normal order redex. The normal order reduction is Tk = Rk[Sk] —^ ^k[Sk] =■ Tk+i- 
Let pk be the path of the hole of Rk, together with the constructors and symbols (case, 
seq, constructors and @) on the path. Also let Mk = Mkp^Mk^ 2 j (where U means disjoint 
union) where the labels of Mkp are in Rk, and the labels Mk ^2 are in Sk. Lemma 15.111 the 
structure of the expressions and the properties of the infinite top down developments show 
that the normal order redex can only stay or descend, i.e. h > k implies that pk is a prefix 
of Ph- 

Also, we have R'j^[S'], where ^ ^ki']^ Sk S'. 

There are three cases: 


The normal order reduction of Tq halts, i.e., there is a maximal k. Then obviously 

^ tree,*^ Mk,^tree^ 

There is some k, such that Rk = Rh for all h > k. In this case, T' = The infinite 

development Tq ^—^y T' will reduce infinitely often at the position of the hole, hence it 
will plug a Bot at position pk of T', and so T' = ii'^[Bot]. But then T' cannot converge, 
and so this case is not possible. 
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• The positions pk of the reduction contexts Rk will grow indefinitely. Then there is an 
infinite path (together with the constructs and symbols) p such that pk is a prefix of p for 
every k. Moreover, p is a position of T'. The sets i are an infinite ascending set w.r.t. 

_ _ f,'P’GG OO _ 

C, hence there is a limit tree Too with T - ^— )■ Too, which is exactly the limit of the 

contexts for /c y oo. T'here is a reduction Too ^ T' ^vhich is exactly ]\/f — 

Hence T' has the path p, and we see that the tree T' cannot have a normal order redex, 
since the search for such a redex goes along p and thus does not terminate. This is a 
contradiction, and hence this case is not possible. D 

Lemma 5.13. Let T Ti T'. Then the reduction can he commuted to T 

Ta T' for some M'. 

I A'l —'iVGG 

Proof. This follows since the —^^-^--reduction cannot generate a new normal order tree- 

redex. Hence, the normal order redex of Ti also exists in T. The set M' can be found by 
labeling T with M, then performing the tree-reduction where all labels of M are kept and 
inherited by the reduction, except for those positions which are removed by the reduction. Q 

I tree 


Lemma 5.14. Let T 


> r' and ThenTf^^^^. 

I 


Proof. We show by induction on k that whenever T 


^ T' T" where T" is an Ltree- 

WHNF, then The base case is A: = 0 and it holds by Lemma ESI For the induction 

LQ T". We apply Lemma [5.131 to T T' Tq and 


step let T t' ^ Tq 

thus have T Ti Tq T" for some M. 

This situation can be depicted by the following diagram where the dashed reductions 
follow by Lemma 15.131 


I,->tree , 

TP —^T' 


tree 


tree,k 


tree 


Y 

Ti 


I,M 


If M does not contain a normal order redex, then the induction hypothesis shows that 
and thus also Now assume that M contains a normal order redex. Then 


we apply Lemma 15.121 to Ti Tq (note that To^^j-gg and hence the lemma is applicable). 


This shows that Ti Tq 


I,—^ tree 


>Tn: 


P^tree tree 



tree^k 


Now we can apply the induction hypothesis to Tg' tree,k^ have Tg'),j^gg 

which also shows T^^^gg. □ 
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Proposition 5.15 (Standardization). Let Ti ,... ,Tk be infinite trees such that 
Tfc_i —^ Tk -2 • • • Ti, where Ti is an Ltree-WHNF. Then Tkit^ee 


LMk-i 




Proof. We use induction on k. If /c = 1 then the claim obviously holds since Tfc = Ti is al¬ 
ready an Ljree-WHNF. For the induction step assume that Tj —^Tj_i ... Ti and 

Tiftree- ^ct Tj+i h Tj. If Mj Contains a normal order redex, then we apply Lemma [5 .121 
and have the following situation 



where T/ is an L^ree-WIINF. We apply Lemma fS-lll to Tj j'' which shows 

that F/+iitree and thus also Tj+i|j^gg. 

If Mj contains no normal order redex, we have 


_ I,—>tree _ 
Ti-i-i-^ Ti 


I.* 


I tree,^ 


T' 


Ti 


where T/ is an Ltree-WHNF. We apply Lemma 15.141 to Tj+i 
'^i+lXtree' 


I,->tree 


> T,: 


tree,* 


> T/ and have 

□ 


5.3. Equivalence of Tree-Convergence and L^/j- Convergence. In this section we will 
show that L 2 ,ij-convergence for finite expressions s € E/; coincides with convergence for the 
corresponding infinite tree IT{s). 

Lemma 5.16. Let si,S 2 G E^ be finite expressions and si S 2 by a rule (cp), or (lllj. 
Then IT{si) = IT{s 2 ). □ 

Lemma 5.17. Let s be a finite expression. If s is an Llr-WHNF then IT{s) is an answer. 
If IT{s) is an answer, then 

Proof. If s is an L^r-WIINF, then obviously, IT{s) is a answer. If IT{s) is an answer, then 
the label computation of the infinite tree for the empty position using s, i.e. sjle, must be Xx 
or c for some constructor. If we consider all the cases where the label computation for sjlg 
ends with such a label, we see that s must be of the form NL[v], where v is an L^^-answer 
and the contexts NL are constructed according to the grammar: 

NL ::= [•] | letrec Env in NL 

I letrec xi = NL[-], {xi = NL[xi-^ IIL[xn] 

We show by induction that every expression NL[v], where u is a value, can be reduced 
by normal order (cp)- and (llet)-reductions to a WHNF in Lrr. We use the following 
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induction measure // on NL[v]: 

fi{v) :=0 

/i(letrec Env in NL[v]) := 1 + fi{NL[v]) 

/i(letrec xi = NLi[v],{xi = Eto in NLn+i[xn]) := 

[^;]) + /i(letrec xg = iVLg[?;], (x* = NLi[xi-i]}f^ 3 , Env in NLn+i [x„]) 

The base case obviously holds, since v is already an L^/j-WHNF. For the induction step as¬ 
sume that NL[v'] where t is an Li;,ij-WHNF for every NL[v'] with fj,{NL[v']) < 

k. Let NL, and v be fixed, such that ^{NL[v]) = k > 1. There are two cases: 

• NL[v] = letrec Env in NL'[v]. If NL' is the empty context, then NL[v] is an L/,ij-WHNF. 
Otherwise NL'[v] is a letrec-expression. Thus we can apply an {LR, (llet-in))-reduction 
to NL[v], where the measure // is decreased by one. The induction hypothesis shows the 
claim. 

• NL[v] = letrec xi = NLi[v],{xi = iVLj[xj_;]}”^ 2 , F'n?; in NLn+i[xn]. If NLn+i[xn] 

is a letrec-expression, then we can apply an (Li?, llet-in)-reduction to NL[v] and the 
measure ^ is decreased by 1. If NLn+i is the empty context, and there is some i such 
that NLi is not the empty context, then we can choose the largest number i and apply an 
(Li?, llet-e)-reduction to NL[v]. Then the measure /r is strictly decreased and we can use 
the induction hypothesis. If all the contexts NLi for i = 1,..., n -|- 1 are empty contexts, 
then either NL[v] is an Li;,/j-WHNF (if r is a constructor application) or we can apply an 
(Li?,cp) reduction to obtain an L^/j-WIINF. □ 

Lemma 5.18. Let s € E/; such that s jj reduction a is (cp) or (lllj then 

IT[s) = IT{t). If the reduction a is (IbetaJ, (case-cj, (case-inj, (case-e) or (seq-c), 

(seq-inj,(seq-cj then IT{s) > IT{t) for some M, where a' is (betaTrJ, (caseTrj, or 

(seqTrJ, respectively, and the set M contains normal order redexes. 


Proof. Only the latter needs a justification. Therefore, we label every redex in IT(s) that 
is derived from the redex s t by IT{.). This results in the set M for IT{s). There will 
be at least one position in M that is a normal order redex of IT{s). D 

Proposition 5.19. Let s € E/; such that sfu^. Then /r(s)j,^^gg. 

Proof. We assume that s — t, where t is a WHNF. Using Lemma [5.18l we see that there 

is a finite sequence of reductions IT{s) —^ IT{t). Lemma 15.171 shows that IT{r) is an 
Ttree-WHNF. Now Proposition 15. 151 shows that /r(s)|j^gg. □ 

We now consider the other direction and show that for every expression s: if IT{s) 
converges, then s converges, too. 

ilTGG. of 

Lemma 5.20. Let R he some reduction context, s.t. IT{s) = R[T] -^ R[T']. Then for 

{a', a) € {(betaTr, Ibeta), (caseTr, case), (seqTr, seq)} there exist expressions si, 82,83 and 

an infinite tree T' with s si S 2 S 3 with R[T'] ITfss). 
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S - 
I 

LR,111,* I 

Y 

•Si 

L-R,cp,0Vl ' 

Y 

•52 

I 

LR,a I 

Y 

•53 


/T(.) 


/r(.) 


IT{s) = R[T] 

Y 


tree,a' 


R[T'] 


IT{-) 




IT{s3) 


\ 


I I,M,a.' 


/ 


Proof. Let p be the position of the hole of R. We follow the label computation to T along p 
inside s and show that the redex corresponding to T can be found in s after some (111) and 
(cp) reductions. For applications, seq-expressions, and case-expressions there is a one-to- 
one correspondence. If the label computation shifts a position into a “deep” letrec, i.e. 
(^[(letrec Env in s)||p] i—>■ (^[(letrec Env in s||p)] where C is non-empty, then a sequence 
of normal order (lll)-reduction moves the environment Env to the top of the expression, 


where perhaps it is joined with a top-level environment of C. Let s > s'. Lemma 15.161 

shows that IT(s') = IT{s) and the label computation along p for s' requires fewer steps 
than the computation for s. Hence this construction can be iterated and terminates. This 

yields a reduction sequence s si such that the label computation along p for si 

does not shift the label into deep letrecs and where IT{s) = IT{si) (see Lemma l5.16p . 
Now there are two cases: Either the redex corresponding to T is also a normal order redex 
of si, or Si is of the form letrec xi = Ax.s', X 2 = xi,..., Xm = Xm-i, ■ ■ ■ R'[xm] ■ ■ ■■ For 
the latter case an {LR, cp) reduction is necessary before the corresponding reduction rule 
can be applied. Again Lemma l5 .16 1 assures that the infinite tree remains unchanged. After 


applying the corresponding reduction rule, i.e. S 2 


LR,a 


> S 3 , the normal order reduction 


tree o! 

may have changed infinitely many positions of IT( 33 ), while R[T] -^—>■ R[T'] does not 

change all these positions, but nevertheless Lemma 15.181 shows that there is a reduction 


R[T] > IT{s 3 ), and Lemma l5 .11 1 shows that also R[T'] 


> IT^ss) for some M'. □ 


Example 5.21. An example for the proof of the last lemma is the expression s defined 
as s := letrec X = (Ay.y) X in x. Then IT{s) = {Xy.y) {{Xy.y) {{Xy.y)...)). The 

tree-reduction for IT{s) is IT{s) IT{s). On the other hand the normal order 

reduction of Llj^ reduces to s' := letrec x = (letrec y = x in y) in x and IT{s') = Bet. 

To join the reductions we perform an ^ ■ ’^> -reduction for IT{s) where all redexes are labeled 
in M, which also results in Bot. 


Proposition 5.22. Let s be an expression such that IT{s)f^j.gg. Then sfu^. 

Proof. The precondition IT{s)f^J.gf, implies that there is a tree-reduction sequence of IT{s) 
to an Lfree-WHNE. The base case, where no tree-reductions are necessary, is treated in 

> T' be a tree-reduction. Lemma 15.201 shows 


tree,a' 


Lemma 15.171 In the general case, let T 

that there are expressions s',s" with s g' s", and T' IT{s"). 

Lemma 15.101 shows that IT{s") has a normal order tree-reduction to a WHNE where the 
number of tree-reductions is strictly smaller than the number of tree-reductions of T to a 
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WHNF. Thus we can use induction on this length and obtain a normal order ii?-reduction 
of s to a WHNF. □ 

Propositions 15.191 and 15.221 imply the theorem 

Theorem 5.23. Let s be an ¥.c-expression. Then */ only if □ 


5.4. Equivalence of Infinite Tree Convergence and L„ame-convergence. It is easy to 
observe that several reductions of Lname do not change the infinite trees w.r.t. the translation 
IT{-), 

Lemma 5.24. Let si,S 2 € Then si -^ S 2 for a G {gcp,lapp,lease,Iseq} implies 

IT{si) = IT{s2). □ 

Lemma 5.25. For {a, a') G {(beta, betaTr), (case, caseTr), (seq, seqTr)} it holds: 

Lf Si - > S2 for Si G E£, then IT{si ) - > LT{s 2 )- 

Proof. Let si := RnameWi] Rname[s 2 ] = ^2 where is the redex of the 

reduction and Rname is an L„ame-reduction context. First one can observe that the redex 
is mapped by LT to a unique tree position within a tree reduction context in LT{si). 
We only consider the (beta)-reduction, since for a (case)- or a (seq)-reduction the reason¬ 
ing is completely analogous. So let us assume that = {{Xx.s'D s'f). Then IT transforms 
into a subtree a{{Xx.IT{sf)) IT{s 2 )) where cr is a substitution replacing variables by in¬ 
finite trees. The tree reduction replaces a{{Xx.IT{s'f)) ITls'f)) by a{IT{s'f))[a{IT(s'f))/x], 
hence the lemma holds. □ 

Proposition 5.26. Let s G E/; be an expression with Then IT{s)f^.^^. 

Proof. This follows by induction on the length of a normal order reduction of s. The 
base case holds since IT{L[v]), where v is an L^ame-answer is always an Li^ee-answer. For 
the induction step we consider the first reduction of s, say s s'. The induction 

hypothesis shows IT{s')ff-j.gg. If the reduction s s' is (name,gcp), (name,lapp), 

(name,lease), or (name,Iseq), then Lemma 15.241 implies IT{s)firgg. If s s' for 

a G {(beta), (case), (seq)}, then Lemma 15.251 shows IT{s) IT{s') and thus /T(s)4,^^gg. 

□ 

Now we show the other direction: 


Lemma 5.27. Let s G E/; such that IT{s) = IZ[T], where IZ is a tree reduction context and 

1 IS a value or a redex. 1 hen there are expressions s , s such that s - > 

s', IT {s') = IT{s), s' = 4?[s"], IT{L[s"]) = T, where R = L[j4[-]] is a reduction context 
for some C-context L and some A-context A, s" may be an abstraction, a constructor 
application, or a beta-, case- or seq-redex iff T is an abstraction, a constructor application, 
or a betaTr-, caseTr- or seqTr-redex, respectively, and the position p of the hole in IZ is 
also the position of the hole in H[-]. 


Proof. The tree T may be an abstraction, a constructor application, an application, or 
a betaTr-, caseTr- or seqTr-redex in R[T]. Let p be the position of the hole of IZ. We 
will show by induction on the label-computation for p in s that there is a reduction 


name,lappVlcaseVlseqVgcp,* 


> S 


where s' is as claimed in the lemma. 


s 
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We consider the label-computation for p to explain the induction measure, where we use 
the numbers of the rules given in Fig. [9j Let q be such that the label computation for p is 
of the form (10)*.g and q does not start with (10). The measure for induction is a tuple 
(a, b), where a is the length of q, and 6 > 0 is the maximal number with q = (2 V 4 V 6)^.gh 
The base case is (a, a): Then the label computation is of the form (2 V 4 V 6)* and indicates 
that s is of the form L[A[s"]] and satisfies the claim of the lemma. For the induction step 
we have to check several cases: 

(1) The label computation starts with (10)*(2 V 4 V 6)'’“(10). Then a normal-order (lapp), 
(lease), or (Iseq) can be applied to s resulting in si. The label-computation for p w.r.t. 
Si is of the same length, and only applications of (10) and (2 V 4 V 6) are interchanged, 
hence the second component of the measure is strictly decreased. 

(2) The label computation starts with (10)*(2V4V6)*(11). Then a normal-order (gep) can 
be applied to s resulting in si. The length q is strictly decreased by 1, and perhaps one 
(12)-step is changed into a (ll)-step. Hence the measure is strictly decreased. 

In every case the claim on the structure of the contexts and s' can easily be verified. D 

Lemma 5.28. Let s be an expression with IT{s) T. Then there is some s' with 

s s' and IT{s') = T. 

Proof. If IT{s) T, then IT{s) = where 7^ is a reduction context, S a tree-redex 
with S S' and T = TZ[S']. Let p be the position of the hole of TZ in IT{s). We apply 

Lemma 15.271 which implies that there is a reduction s-^ s', such that IT{s) = IT{s') 

and s' = 7?[s"] where R = L[H[-]] is a reduction context and /r(L[s"]) is a beta-, case-, or 

seq-redex. It is obvious that s' = L[H[s"]] -^ t. Now one can verify that IT{t) = T 

must hold. □ 

Proposition 5.29. Let s be an expression with IT{s)f^j.^g. Then 

t/TCG A/ 

Proof. We use induction on the length A: of a tree reduction IT{s) -^ T, where T is an 

Liree-answer. For the base case it is easy to verify that if IT{s) is an Li^ee-a-nswer, then 
s for some T-context L and some Lname-^slue v. Hence we have 

The induction step follows by repeated application of Lemma [5.281 □ 

Corollary 5.30. For all Kc-expressions s: if, and only if IT{s)l^j.g^. □ 

Theorem 5.31. <name = <lr- 

Proof. In Corollary 15.301 we have shown that L„ame-convergence is equivalent to infinite 
tree convergence. In Theorem 15.231 we have shown that L/,ij-convergence is equivalent to 
infinite tree convergence. Hence, L„ame-convergence and L^/j-convergence are equivalent, 
which further implies that both contextual preorders and also the contextual equivalences 
are identical. □ 

Corollary 5.32. The translation W is convergence equivalent and fully abstract. □ 

Since W is the identity on expressions, this implies: 

Corollary 5.33. W is an isomorphism according to Definition\2. 1\ D 


















38 


M. SCHMIDT-SCHAUSS, D. SABEL, AND E. MACHKASOVA 


A further consequence of our results is that the general copy rule (gcp) is a correct 
program transformation in Lm. This is a novel result, since in previous work only special 
cases were proved correct. 

Proposition 5.34. The program transformation (gcp) is correct in Lname and Lm. 

Proof. Correctness of (gcp) in Lname holds, since for s, f € E£ with s t and for any con¬ 
text C: IT{C[s]) = IT{C[t]). Hence Corollary 15.301 implies that C[s\\.name C[t]\.name 

and thus s ^name t. Theorem 15.311 finally also shows s ^mt. □ 


6 . The Translation N : Lname —>■ Lice 

We use multi-fixpoint combinators as defined in |Goin5] to translate letrec-expressions E/; 
of the calculus Lname i^to equivalent ones without a letrec. The translated expressions 
are Ea and belong to the calculus Lice- 

Definition 6.1. Given n > 1, a family of n fixpoint combinators for i = 1,... ,n can 
be defined as follows: 

Y2 ■■= Xfi,...,fn-i (Xxi, . . . ,Xn.fi {xiXi ...Xn) ... (Xn Xi . . . Xn)) 

{Xxi, . . . ,Xn.fl (xi Xi ...Xn) ... (Xn Xi . . . Xn)) 

(Xxi, . . . ,Xn.fn [xiXi ...Xn) ... {Xn Xi ...Xn))) 

The idea of the translation is to replace (letrec xi = si,...,Xn = Sn in t) by 
t[Bi/xi,... ,Bn/xn] where Bi := Yf Fi... Fn and Fj := Axi,.. .,Xn.Si. 

In this way the fixpoint combinators implement the generalized fixpoint property: 
Y^ Fi... Fn ~ Fi (Yf Fi... Fn)... {Y^ Fi... Fn). However, our translation uses mod¬ 
ified expressions, as shown below. 

Consider the expression (Y^ Fi ... Fn). After expanding the notation for Yf we 
obtain the expression ((A/i,..., fnfXi Xi ... Xn)) Fi ... Fn) where Xi can be expanded 
to Xi = Axi... Xn.{fi {xi xi ... Xn) ... {xn xi ... Xn)). If we reduce further then we get: 

(A/i,...,/„.(A, Ai ... Xn))F, ... Fn^^^iXlX[ ... X(), 
where X'- = Xxi... x„.(Fj (n xi ... x„)... (x„ xi ... Xn)) 

We take the latter expression as the definition of the multi-fixpoint translation, where 
we avoid substitutions and instead generate (nbeta)-redexes which ensures that contexts 
are mapped to contexts 

Definition 6.2. The translation N : Lname Lice is recursively defined as: 

• A'(letrec xi = si,... .,Xn = Sn in t) = 

{Xx(,...,x'n.{>^Xi,...Xn.N{t)) Ui . . . Un) X[ . . . X), 

where x[,... ,Xn are fresh variables 
Ui = XiX[...Xn, 

X[ = Xxi...Xn.Fi{xiXi...Xn)...{XnXi...Xn), 

Fi = Xxi, . . . ,Xn.N{si). 

• N{s t) = {N{s) N{t)) 

• A'^seq s t) = (seq N{s) N{t)) 

• N{c Si ... Sar(c)) = (c N (si) . . . A^(Sar(c))) 

• N{Xx.s) = Xx.N{s) 
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• N(ca.seT s of alti ... alt^rp\) = caser N{s) of N{alti) ... N{alt\j'\) 

• for a case-alternative: N{c xi ... Xa,r(c) s) = {c xi ... Xar(c) 

• N{x) = X. 

We extend N to contexts by treating the hole as a constant, i.e. iV([-]) = [•]. This is 
consistent, since the hole is not duplicated by the translation. 


6.1. Convergence Eqnivalence of N. In the following we will also use the context class 
B, defined as B = L[B] \ A[B] \ [•] (£- and >I-contexts are defined as before in Sect. 13.2p . 

The proof of convergence equivalence of the translation N may be performed directly, 
but it would be complicated due to the additional (nbeta)-reductions required in Li^c- For 
this technical reason we provide a second translation N', which requires a special treatment 
for the translation of contexts and uses a substitution function a: 

Definition 6.3. The translation N' : Lname Li^c is recursively defined as: 

• W(letrec xi = si,..., in t) = a{N'{t)), where 

a = {xi>-^Ui,...Xn>-^Un} 

U, = {X'X[ ... X'J, 

X[ = Axi . . . Xn-Fi{xi Xi ... Xn) ... {Xn Xi ... Xn), 

Fi = \xi,...,Xn.N'{si). 

• N'{s t) = {N'{s) N'{t)) 

• A^'(seq s t) = (seq N'{s) 

• N'lc Si...Sn) = (C N'{si) . . . N'{Sn)) 

• N'{Xx.s) = Xx.N'{s) 

• N'lcasex s of alti ... = case-r N'{s) of N'{alti) ... N'{alt^rp^"j 

• for a case-alternative: N'{c xi ... Xar(c) —)• s) = (c xi ... Xar(c) ^ F''{,s)) 

• N'{x) = X. 

The extension of N' to contexts is done only for ;B-contexts and requires an extended notion 
of contexts that are accompanied by an additional substitution, i.e. a ;B-context translates 
into a pair (C, a) of a context C and a substitution a acting as a function on expressions. 
Filling the hole of {C,a) by an expression s is by definition {C,a){s) = CPaPs)]. The 
translation for ;B-contexts is defined as 

N'{C) = (C",ct), where C and a are calculated by applying N' to C: for calculating 

C the hole of C is treated as a constant, and a is the combined 
substitution affecting the hole of C. 

This translation does not duplicate holes of contexts. 

Lemma 6.4. The translation N is equivalent to N' on expressions, that is for all E/;- 
expressions s the equivalence N{s) ^icc N'{s) holds. 

Proof. This follows from the definitions and correctness of (nbeta)-reduction in Li^c by 
Theorem 14.311 □ 

We first prove that the translation N' is convergence-equivalent. Due to Lemma [631 this 
will also imply that N is convergence-equivalent. All reduction contexts T[A[-]] in Lname 
translate into reduction contexts Rice in L/cc since removing the case of letrec from the 
definition of a reduction context in Lname results in the reduction context definition in Lice. 
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However, this cannot be reversed, since a translated expression of Lname may have a redex 
in Lice, but it is not a normal order redex in Lname since (lapp), (Iseq), or (lease) reductions 
must be performed first to shift letrec-expressions out of an application, a seq-expression, 
or a case-expression. The lemma below gives a more precise characterization of this relation: 

Lemma 6.5. //L[H[-]] is a reduction context in Lname, then A^'(L[H[-]]) = i?[(T(-)], where 
R is a reduction context in Li^c and a is a substitution. 

If R is a reduction context in Lice, and N'{C') = {R,cr) for some substitution a and 
some context C in Lname, then C is a B-context. 

Proof. The hrst claim can be shown by structural induction on the context L[j 4[-]]. It holds, 
since applications are translated into applications, seq-expressions are translated into seq- 
expressions, case-expressions are translated into case-expressions, and letrec-expressions 
are translated into substitutions. 

The other part can be shown by induction on the number of translation steps. It 
is easy to observe that the dehnition of a reduction context in Lname does not descend 
into letrec-expressions below applications, seq-, and case-expressions. For instance, in 
((letrec Env in ((Ax.si) S 2 )) S 3 ) the reduction contexts are [•] and ([•] S 3 ) and the redex is 
(lapp), i.e. the reduction context does not reach ((Ar.si) S 2 ). In general, applications, seq-, 
and case-expressions in such cases appear in H-contexts, as defined above. By examining 
the expression definition we observe that these (lapp), (Iseq), and/or (lcase)-redexes are the 
only cases where non-reduction contexts may be translated into reduction contexts. D 

Lemma 6.6. Let N'{s) = t. Then: 

(1) If s is an abstraction then so is t. 

(2) // S = (c Si . . . Sar(c)) then t = {c t[ . . . t’^c(c))- 

Proof. This follows by examining the translation N'. Q 

We will now use reduction diagrams to show the correspondence of L^ame-reduction 
and L/cc-reduction w.r.t. the translation N'. 

Transferring Lname-reductions into Licc-reductions. 

In this section we analyze how normal order reduction in Lname can be transferred into Lice 
via N'. We illustrate this by using reduction diagrams. For s t we analyze how the 

reduction transfers to N'{s). The cases are on the rule used in s t: 

• (beta) Let s = R[{Xx.si) S 2 ] be an expression in Lname, where R is a reduction context. 

We observe that in Lname- s t = i?[si[s 2 /x]]. Let W(i?[-]) = {R',a). Then the 

translations for s and t are as follows: 

Nfs) = R'[a{N'{{Xx.si) S 2 ))] = R'[{Xx.a{N'{si))) a{N'{s 2 ))] 

N'{t) = N'iR[si[s 2 /x]]) = R'[a{N'isi[s 2 /x]))] = R'[a{N'{si))[aiN'{s 2 ))/x]] 

Since R' is a reduction context in Lice, this shows N'{s) Thus we have 

the diagram (1) in Figure fTOl 

• (gep) Consider the (gep) reduction. Without loss of generality we assume that xi is the 

variable that gets substituted: 

rh 4 - • or 11 n-a-rne,gep 

s = T[letrec xi = si,..., = Sn m R\xi\\ ->■ 

t = L[letrec xi = si,... ,Xn = Sn xn 
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Figure 10: Diagrams for transferring reductions between Lname and Li^c 

Let N'{L) = {[■],crL), N'(letrec xi = si,..., Xn = Sn in [•]) = {[■],crEnv), and N'{R) = 
{R',aR) where R' is a reduction context. Then 

N'is) = (JLicrEnviR'icrRixi)])) = crLicrEnv{R'))[crL{crEnv{crRixi)))] 

= crLicrEnviR'))[crL{crEnvixi))] 

where the last step follows, since xi cannot be substituted by aR, and 

N'{t) = (7L{(TEnviR'))WL{(^EnviN' {Si)))] 

where it is again necessary to observe that ctr(si) = si must hold. The context R" = 
(XL{(^Env{R')) must be a reduction context, since R' is a reduction context. This means 

that we need to show that R''[(TL{^Env{xi)y\ R''[aLio'Env{N'(si)))] holds. 

By Definition 16.31 of the translation N' we have crL{crEnvixi)) = Ui = {X[X[ .. -X'^), 
where X'- = Xxi... Xn-Fi{xixi ... x„)... {xnXi ... Xn), and F-i = Axi,..., Xn-crL{X'{si)), 
i.e., N'{t) = R''[Ui]. 

Performing the applications, we transform Ui in 2n steps as 

{Xxi,...,Xn.{Fi{xiXi...Xn)...{XnXl...Xn))) X[ . . . X'^ 
{X[X[...X'J ... 

{Xxi,...,Xr,.aLiN'{s,))){X[X[...X'J ... {X'^X[... X'J 
aL{N'{si))[U,/xi,...,Un/Xn]. 

Obviously, for all reduction contexts in Lice holds: ri r 2 implies i?[ri] l?[ri]. 

Hence N'{s) R"[aL{N'{si))[Ui/xi,... ,Un/xn]] and since xi,...,Xn cannot 

occur free in L, the last expression is the same as R"[aL{crEnv{X'(s)))]. Thus we obtain the 
diagram (2) in Figure [TOl where n is the number of bindings in the letrec-subexpression 
where the copied binding is. 

• (case) The diagram for this case is marked (3) in Figure [TOl The case is similar to 
(beta): s = i?[caseT (c st)... ((c xl) ^ r)...] R[r[si/xi,... ,s^c{c)/xi,r{c)]] = t. 

Let A^'(i2[-]) = {R',a). Then the translations for s and t are as follows: 

N'{s) = R'[a{N'{casex (c Si . . . Sar(c)) • • • ((c Xi . . . Xar(c)) .))] 

= R'lcasex (c a{N'{si)))... o-(iV'(Sar(c))) • • • ((c xi... Xar(c)) ^ cr{N'{r)))...] 
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N'{t) = N'{R[r[si/xi, Sar(c)/a^ar(c)]]) 

R (r[si/xi, . . . , 'Sar(c)/^ar(c)]))] 

= R'[a{N'{r))[a{N'{si))/xi,.. •, o-(7V'(sar(c)))/a:ar(c)]] 

Since R' is a reduction context in Lice, this shows N'{s) Ll'{t). 

• (lapp) The reduction is i2[(letrec Env in si) S 2 ] i?[(letrec Env in (si 52 ))]- 

Since free variables of S 2 do not depend on Env, the translation of S 2 does not change by 
adding Env. I.e., for N'{R) = {R',aR) and At'(letrec Env in [•]) = {[■],(7Env) we have 

N'{R[{letrec Env € si) S 2 ]) = R'[crR{aEnviN'(si)) At'(s 2 ))] 

= R'[aR{aEnv{N'{si iV'(s2))))] 

= Af'(i?[(letrec Env in (si S 2 ))]) 

and thus the diagram for this case is as the one marked (4) in Figure [TOl 

• (lease) The case is analogous to that of (lapp), with the diagram marked as (5) in Fig¬ 
ure [101 

• (Iseq) The case is analogous to (lapp) and (lease), with the diagram (6) in Figure [TOl 

• (seq) s = i?[seq v si] R[si] = t where v is an abstraction or a constructor applica¬ 

tion 

Let A^'(-R[-]) = {R',a). Then the translations for s and t are as follows: 

N'{s) = i2'[cj(A^'(seq v si))] = i?'[seq a{N'{v)) cr(A^'(si))] 

N'{t) = R'[a{N'{s,))] 

By Lemma 16.61 N'(v) is a value in Lice (which cannot be changed by the substitution 
a) and thus N'{s) N'{t). The diagram for this case is (7) in Figure [TOl 

We inspect how WHNFs and values of both calculi are related w.r.t. N': 

Lemma 6.7. Let s he irreducible in Lname, hut not an Lname-WHNE. Then N'(s) is irre¬ 

ducible in Lice o,nd also not an Licc-WHNF. 

Proof. Assume that expression s is irreducible in Lname but not an L„ame-WHNF. There 
are three cases: 

(1) Expression s is of the form R[x] where x is a free variable in -R[x], then let N'{R) = 

{R',cr) and thus N'{s) = /^'[^(x)]. Since a only substitutes bound variables, we get 

cr(x) = X and thus N'{s) = i?'[x] where x is free in R'[x]. Hence N'{s) cannot be an 
L/cc-WHNF and it is irreducible in L/cc- 

(2) Expression s is of the form R[ca.seT (c si ... Sar(c)) of alts], but c is not of type T. 
Let N'{R) = {R',a). Then N'{s) = R'Icclsbr (c (t(W(si)) ... cj(A^'(sar(c)))) of alts'] 
which shows that N'{s) is not an L;cc-WHNE and irreducible in Lrc. 

(3) Expression s is of the form R[{{c si ... Sar(c)) ^)]' Then again N'(s) is not an Lrc- 

WHNF and irreducible. □ 

Lemma 6.8. Let s € E^. Then s is an Lname-WHNF iff N'{s) is an Licc-WHNF. 

Proof. If s = L[Ax.s'] or s = L[{c si... Sar(c))] then N'{s) = Xx.a{N'{s')) or N'{s) = 
(c a{N'{si))... (T(A''(sar(c)))) respectively, both of which are L^cc-WENFs. 

For the other direction assume that N'{s) is an abstraction or a constructor application. 
The analysis of the reduction correspondence in the previous paragraph shows that s cannot 
have a normal order redex in Lname, since otherwise N'{s) cannot be an L/cc-WHNF. Lemma 
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16.71 shows that s cannot be irreducible in Lname, but not an L„ame-WHNF. Thus s must be 
an L„ame-WHNF. □ 

Transferring Licc-reductions into Lname-f^ductions. 

We will now analyze how normal order reductions for N'{s) can be transferred into normal 
order reductions for s in Lname- 

Let s be an E^-expression and N'{s) t. We split the argument into three cases 
based on whether or not a normal order reduction is applicable to s: 

• If s - - \ r, then we can use the already developed diagrams, since normal-order reduc¬ 

tion in both calculi is unique. 

• s is a WHNF. This case cannot happen, since then N'{s) would also be a WHNF (see 
Lemma l6.8p and thus irreducible. 

• s is irreducible but not a WHNF. Then Lemma 16.71 implies that N'{s) is irreducible in 
Lice which contradicts the assumption N'[s) t. Thus this case is impossible. 

We summarize the diagrams in the following lemma: 

Lemma 6.9. Normal-order reductions in Lname can be transferred into reductions in Lice, 
and vice versa, by the diagrams in FigurelT^ □ 

Proposition 6.10. N' and N are convergence equivalent, i.e. for all expressions s: 

^\-name '' '* ^ ('®)'l'/cc ( ^\-name '' '* VCSp.). 

Proof. We first prove convergence equivalence of N': Suppose sfname- Let s si 

where si is a WHNF. We show that there exists an L/cc-WHNF S 2 such that N'{s) > S 2 

by induction on k. The base case follows from Lemma 16.81 The induction step follows by 
applying a diagram from Lemma 16.91 and then using the induction hypothesis. 

For the other direction we assume that N'{s)ficc, i-e. there exists a WHNF si G Lice s-t. 

N'{s) si. By induction on k we show that there exists a L„ame-WHNF S 2 such that 

s -^ S 2 . The base case is covered by Lemma (6^ The induction step uses the diagrams. 

Here it is necessary to observe that the diagrams for the reductions (lapp), (lease), and 
(Iseq) cannot be applied infinitely often without being interleaved with other reductions. 
This holds, since let-shifting by (lapp), (lease), and (Iseq) moves letrec-symbols to the top 
of the expressions, and thus there are no infinite sequences of these reductions. 

It remains to show convergence equivalence of N: Let sfname then N'{s)ficc, since N' 
is convergence equivalent. Lemma EH] implies N'{s) ^icc N{s) and thus A^(s)4,;gc must hold. 
For the other direction Lemma lH^ shows that N{s)ficc implies At'(s)|;cg. Using convergence 
equivalence of N' yields sfname- D 

Lemma 6.11. The translation N is compositional, i.e. for all expressions s and all contexts 
C: N{C[s]) = N{C)[N{s)]. 

Proof. This easily follows by structural induction on the definition. Q 

Proposition 6.12. For all si,S 2 G ^c- -^(■si) <kc N{s 2 ) si <name S 2 , i.e. N is 

adequate. 


Proof. Since N is convergence-equivalent fProposition 16.101) and compositional by Lemma 
16.111 we derive that N is adequate (see |SSNSSn8| and Section [2]) . □ 
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Lemma 6.13. For letrec-/ree expressions si,S 2 G Ea the following holds: si <name 

S2 Si <icc S2. 


Proof. Note that the claim only makes sense since clearly Ea C E^. Let si, S 2 be letrec-free 
such that Si <name 82 - Let C be an L^cc-context such that i.e. C'[si] Ax.s'^. 

By comparing the reduction strategies in L^ame and Lh-c, we obtain that (^[si] Ax .53 

(by the identical reduction sequence) since (^[si] is letrec-free. Thus, and also 


C[s2]ir. 


i.e. there is a normal order reduction in Lname for ^[ 32 ] to a WHNF. Since 


C'[s 2 ] is letrec-free, we can perform the identical reduction in Li^c and obtain C'[s 2 ] 4 'kc'n 
The language Lice is embedded into Lname (and also Lm) by i{s) = s. 

Proposition 6.14. For all s G E/;." s ^name ^(-A^('S)). 


Proof. We first show that for all expressions s G E/;: s ^name ''(-A^(s)). Since N is the 
identity mapping on letrec-free expressions of Lname and N{s) is letrec-free, we have 
N{l{N{s))) = N{s). Hence adequacy of N (Proposition [6T2|) implies s ^name D 

Proposition 6.15. For all si,S2 G E^; si <name 82 -^(si) <kc -A^(s 2 )- 


Proof. For this proof it is necessary to observe that Ea C E^, thus we can treat Lice 
expressions as Lname expressions. Let si,S 2 G E£ and si <name 82- By Proposition 16.141 
A^(si) '^name Piname 82 '^name F[(^S2f thuS A^(si) "Lname Llfs2'). Since iV(si) and iV(s2) 
are letrec-free, we can apply Lemma 16.131 and thus have Nfsi) <icc N{s2 ). □ 

Now we put all parts together, where (No VF)(s) means N{W{s)): 

Theorem 6.16. N and N o W are fully-abstract, i.e. for all expressions si,S2 G E/;.- 

8 l<LR 82 ^ N{Wisi)) <icc NiW{s 2 )). 

Proof. Full-abstractness of N follows from Propositions 16.121 and 16.151 Full-abstractness of 
N oW thus holds, since W is fully-abstract ICorollarv 15.321) . □ 

Since N is surjective, this and Corollary 16.171 imply: 

Corollary 6.17. N and N oW are isomorphisms according to Definition \ 2 . 7 \ D 

The results also allow us to transfer the characterization of expressions in Lice foto 
Llr- With cBotin we denote the set of E^-expressions s with the property that for all 
substitutions a: if it(s) is closed, then (t(s) "itiR- 

Proposition 6.18. Let s be a closed expression. Then there are three cases: s ~ 

8 ^LR Ax. s' for some s', s ^lr c si... s„ for some terms si,...,Sn and constructor c. 
Moreover, the three cases are disjoint. For two closed ¥.c-expressions s,t with s <lr t: 
Either s or s ^lr c si... Sn, t ^ c ti.. .tn and Si <lr U for all i for some terms 

si,..., Sn,ti,... ,tn and constructor c, or s ^lr Ax.s' and t Ax.P for some expressions 
s',t' with s' <lr t', or s ^lr Ax.s' and t ^lr c ti...tn for some term s' G cBotiR, 
expressions ti,... ,tn and constructor c. 


Proof. This follows by Proposition 14.321 and since iV o IF is surjective, compositional and 
fully abstract, and the identity on constructors. □ 
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see Proof of Prop. 17.21 

Si <LR,Qce S 2 < > N(W{si)) -41cc,Qce ^(W{s 2 )) 



7 . On Similarity in Lm 

In this section we will explain co-inductive and inductive (bi)similarity for Lm. Our re¬ 
sults of the previous sections then enable us to show that these bisimilarities coincide with 
contextual equivalence in Lm. 

7.1. Overview of soundness and completeness proofs for similarities in Lir. Be¬ 

fore we give details of the proof for lifting soundness and completeness of similarities from 
Lice to Lin, we show an outline of the proof in Fig. [TTJ The diagram shows fully abstract 
translations between the calculi Lin,Lname, and Lice defined and studied in Sections [5] 
and [6l where Corollary 15.321 and Theorem 16.161 show full abstractness for W and N, re¬ 
spectively. These fully-abstract translations that are also surjective, and the identity on 
letrec-free expressions, allow us to prove that si <lr S 2 ^{W{si)) <icc N(W{s 2 ))- 

By Theorem 14.371 in Lrc, this is equivalent to iV(lF(si)) =4°^^ N{W{s 2 )). The proof is 
completed by using the translations by transferring the equations back and forth between 
Lin and Lice in this section in order to finally show that si <lr S2 si ^°lr S2 in 

Theorem 17.61 

7.2. Similarity in Lrr. The definition of L^j^-WIINFs implies that they are of the form 

i?[u], where v is either an abstraction Xx.s or a constructor application {c si ... Sar(ci))) 
where R is an LiR-AWHNF-context according to the grammar R ::= [•] | (letrec Env in [•]) 
if V is an abstraction, and R is an LiR-CWHNF-context according to the grammar R ::= 
[•] I (letrec Env in [•]) | (letrec xi = [•],{a:j = ^m) if u is a constructor 

application. Note that L/,K-AWHNF-contexts and L/,/j-CWHNF-contexts are special Lrr- 
reduction contexts, also called LiR-WHNF-contexts. 

First we show that finite simulation (see [SSMOHj ) is correct for Lir\ 

Definition 7.1. Let <lr,Qq^ be defined for Lrr as instantiating the relation <q in Def¬ 
inition [2T] with the closed subcalculus of the calculus Lrr and the set Q with Qce from 
Definition 14.381 

The relation =4lr,Qce Q-similarity (Definition 12.5jl instantiated for the calculus Lrr 
with the set of contexts Qce (Definition [438]) . Its open extension is denoted with ^rr 

Proposition 7.2. Let si,S2 be closed ¥.c-expressions. Then si <lr S2 iff si <lr^Qc;e ^2- 
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Proof. The direction is trivial. We show <^=, the nontrivial part: Assume that the 
inequation si <lr,Qce '®2 holds. Then ^"( 1 ^( 51 )) <icc,Qce ^{^{^ 2 )), since for every n > 0 
and context Q = Qn{- ■ ■ {Q2{Qi\}) ■ ■ •)) with Qi € Qce, we have N{W{Q)) = Q, and also 
Q{si) iiR Q{si) iicc, since NoW is convergence-equivalent and compositional, and the 
identity on letrec-free expressions. Now Theorem 14.391 shows A^(lT(si)) <icc N(Vh(s 2 )), 
and then Theorem 16.161 shows si <lr 82- □ 

The following lemma is helpful in applying Theorem 14.81 


Lemma 7.3. The closed part of the calculus is convergence-admissible: For all contexts 
Q G Qce, 0 ,nd closed Lir-WHNFs w: Q{s)fi^jiW iff3v : sf^^v and Q{v)fij^w. 


Proof. First assume Q is of the form ([•] r) for closed r. Let (s r)fi^w. There are two 

cases, which can be verihed by induction on the length A: of a reduction sequence (s r) 
w. (s r) ((Ax.s') r) w, where s (Ax.s'), and the claim holds. The other case 

is (s r) (letrec Env in ((Ax.s') r)) w, where s (letrec Env in (Ax.s')). 

In this case ((letrec Env in (Ax.s')) r) (letrec Env in ((Ax.s') r)) w, and 

thus the claim is proven. The other cases where Q is of the form (case-p [•] of ...) can be 
proven similarly. 

The “-^=”-direction can be proven using induction on the length of reduction sequences. D 


Lemma 7.4. In Llr, the equation (<fji)° = <lr holds. 

Proof. If s,t are (open) E^-expressions with s <lr L then (Axi.... x„.s) si... s„ 

(Axi.... Xn.t) Si... Sn for closed expressions Si, and then by correctness of reduction in 
Llr, o-('S) <Ir cr(t), and hence <lr C {<1^)°. 

If for all closing E^-substitutions a: a(s) <ir cr(t), then using the fully abstract 
translations N o W, we obtain N o W{a){N o IT(s)) N o W{a)(N o W{t)), hence 
NoWis) <1^ (N o W{t)) by Theorem 14.391 Again using fully abstractness of N o W, we 
obtain s <LRt. □ 


Theorem 7.5. In Llr, for closed Me-expressions s and t the statements s =4lr,Qce 
s <lr,Qce ^ s <LRt are all equivalent. 

Proof. Lemma [7.31 shows that Theorem 14.81 is applicable for the testing contexts from Qce, 
i-e. <lr,Qce= ^lr,Qce and Proposition O shows <lr,Qce = ^lr □ 

For open E^-expressions, we can lift the properties from Lice, which also follows from 
full abstraction of N o IF and from Lemma 14.401 
The results above imply the following theorem: 

Main Theorem 7.6. <lr = 

Proof. Theorem El] shows =4lr,Qce = <lr,Qce = <lr^ hence = i<lR)°- Then 

Lemma El shows (<Ir)° = <lr = ^lr,Qce- 

The Main Theorem 17.61 implies that our embedding of Lrc into the call-by-need letrec 
calculus Llr (modulo ~) is isomorphic w.r.t. the corresponding term models, i.e. 

Theorem 7.7. The identical embedding t : E;, —>■ Me is an isomorphism according to 
Definition \2.7\ □ 
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Remark 7.8. Consider a polymorphically typed variant of Llr, say , and a corre¬ 
sponding type-indexed contextual preorder <lr, poly ,t which relates expressions of polymor¬ 
phic type r and where the testing contexts are restricted to well-typed contexts, i.e. for 
s,t of type r the inequality s <lr, poly ,t t holds iff for all contexts C such that (^[s] and 
C[t] are well-typed: Obviously for all expressions s,t of type r the 

inequality s <lr t implies s <LR,poiy,T t, since any test (context) performed for <LR,poiy,T 
is also included in the tests for <lr (there are more contexts). Thus the main theorem 
implies that ^°lrQce sound w.r.t. the typed preorder <LR,poiy,T- Of course completeness 
does not hold, and requires another definition of similarity which respects the typing. 

7.3. Similarity up to A more comfortable tool to prove program equivalences in 

Lin is the following similarity definition which allows to simplify intermediate expressions 
that are known to be equivalent. 

Definition 7.9 (Similarity up to ~l_r). Let =4lr,'^ be the greatest fixpoint of the following 
operator Fm,^ on closed E^-expressions: 

We define an operator Fin,^^ on binary relations r] on closed L/cc-expressions: 
s Fin,r^{r]) t iff the following holds: 

(1) If s Ax.s' then there are two possibilities: (i) if t (cti ... tn) then s' € cBotiR, 
or (ii) if t o^in Xx.t' then for all closed r : ((Ax.s') r) -q {{Xx.t') r); 

(2) If s (c Si ... Sn) then t o^lr {c ti... tn) and Sj q ti for all i. 

Lemma 7.10. <lj^ C 

Proof. We show that q := -^LR,~-dense, i.e. q C Fin,r...{q). 

Let s q t and s o^lr Ax.s'. Since s ^ either t o^lr Xx.t' or t o^lr c ti ... tn and 
s' G cBotiR. For the latter case we are finished. For the former case we have Ax. t' -Ir t- 
Since <5,^ is a precongruence, this implies ((Ax.s') r) <lr {{Xx.t') r) for all closed E/;- 
expressions r. Thus we conclude s FLn^^{q) t. 

Now let s q t and s '®i • • • Then t ■ ■ ■ ^n) by Proposition 16.181 

The contexts Ci := (case [] of ... (c xi... Xn ^ Xi)...) where all other right hand sides 
of case-alternatives are T, show that also Si <lr ti must hold, since otherwise s <iji t 
cannot hold. Thus also in this case s Fin,^{q) t holds. □ 

Lemma 7.11. N{W{^LR^r^)) C 

Proof. We show that q := {{N{W {s)) , N{W{t))) \ s =4LR,r., t} is F;cc,~-dense (see Definition 
I4.43p . i.e. q C Fnc,r..{q). Let s ^LR,r.. t for closed s,t. If W(IT(s)) ~;cc Ax.s', then also 
s ^LR Ax.s'. Now there are two cases: If t (c ti ... tn) then s' G cBotm must hold. 
Then also s' G cBot and N{W{t)) o^icc {c ti ... tn) and we are finished. If t ^lr Xx.t' 
then for all closed E^-expressions r: (Ax.s') r =4LR,r.^ {Xx.t') r (by unfolding the fixpoint 
equation for Fm,^). Since W o W is surjective, compositional and fully abstract, this also 
shows N{W{Xx.s')) r q N{W{Xx.t')) r for all L;cc-expressions r. 

If N{W{s)) ~;cc (c si...s„), then also s ^lr (c si...s„). Now s ^LR,r^ t shows 
that t ^LR {c ti ... tn) such that for all i: s* =4lr^ ti. Hence {si,ti) G q and also 
N{W{t)) ^icc {c ti ... tn), since A" o IT is fully abstract. □ 
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Theorem 7.12. <lr = 

Proof. For the closed relations, one direction of the equation is Lemma 17. 101 

the other direction follows from Lemma 17.111 since s ^lr,<^ t implies A^(VF(s)) ^icc,r^ 
N{W (t)) which in turn implies N(W (s)) N(W (t)) and finally, full-abstraction of NoW 

shows s <1^1 t. 

For the open extension the claimed equality holds, since s <lr t iff cj(s) <lr o'(i) for 
all closing substitutions a: This holds, since for a = {xi si,..., i-A s„} the equation 
< 7 ( 5 ) ~Li? letrec xi = si, ..., in s holds by correctness of the general copy rule 

(gcp) (Proposition I5.34) and of garbage collection (gc) (Theorem 13.7|] . □ 

We demonstrate the use of similarity up to ^lr in the following example: 

Example 7.13. As an example we prove the list law R[map (Ax. True) (repeat u)] ^lr 
R'[( repeat True)] where tt is a closed expression and R', R, resp. contains the definition of 
repeat, or repeat and map, resp., i.e. the corresponding E^-expressions are: 

s := letrec 

repeat = Ax.Cons x (repeat x), 

map = Xf .Xxs.ca.seList xs of (Nil — >■ Nil) (Cons y ys ^ Cons (/ y) (map f ys)) 
in map (Ax.True) (repeat u) 

t := letrec 

repeat = Ax.Cons x (repeat x), 
in repeat True 

Let rj := {(t, s), (s, t)}U{(True, True)}. We show that r] C FLR,r..('r]) which implies s ^ lr,^..- t 
as well as t ^lr,^ s and thus by Theorem 17.121 also s f. 

Evaluating s and t in normal order first shows: s ^lr vi,t ^lr V2 with 

vi = letrec 

repeat = Ax.Cons x (repeat x), 

map = Xf .Xxs.ca.seList xs of (Nil — Nil) (Cons y ys ^ Cons (/ y) (map f ys)) 

/i = (Ax.True), xi = t, xsi = Cons x[ X 2 , x} = xi, X 2 = (repeat t), yi = x), ysi = x^ 
in Cons (ff yi) (map fi ysi) 

V 2 = letrec 

repeat = Ax.Cons x (repeat x), 
xi = True 

in Cons xi (repeat xi) 

Using correctness of garbage collection, copying of bindings (gcp), shifting constructors over 
letrec, and the other correct reduction rules (see Theorem [321 and Proposition I5.34p . we 
can simplify as follows: vi ^lr Cons True s and V2 ^lr Cons True t. Now the proof is 
finished, since obviously True 77 True and s rj t, t r] s. 


8. Conclusion 

In this paper we have shown that co-inductive applicative bisimilarity, in the style of Howe, 
and also the inductive variant, is equivalent to contextual equivalence in a deterministic call- 
by-need calculus with letrec, case, data constructors, and seq which models the (untyped) 
core language of Haskell. This also shows soundness of untyped applicative bisimilarity 
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for the polymorphically typed variant of Llr. As a further work one may try to estab¬ 
lish a coincidence of the typed applicative bisimilarity and contextual equivalence for a 
polymorphically typed core language of Haskell. 
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